Microsoft has patched Windows security flaw existed for 19 years

Microsoft

On Tuesday, Microsoft issued an extensive number of security updates for its presently supported version of Windows. It would appear, one of those patches was intended to fix an security hole that had existed in all the versions of the operating system for 19 years, or since Windows 95.

The flaw was initially found by IBM in May and it shared that data secretly to Microsoft. IBM expressed:

“This complex vulnerability is a rare, “unicorn-like” bug found in code that IE relies on but doesn’t necessarily belong to. The bug can be used by an attacker for drive-by attacks to reliably run code remotely and take over the user’s machine — even sidestepping the Enhanced Protected Mode (EPM) sandbox in IE 11 as well as the highly regarded Enhanced Mitigation Experience Toolkit (EMET) anti-exploitation tool Microsoft offers for free.”

IBM said this imperfection has permitted each version of Windows to be remotely abused since the arrival of Internet Explorer 3.0 in 1996. As such, there’s no proof that hackers have discovered and have been utilizing this security opening for assaults/attacks. Anyhow, the BBC cites Gavin Millard, from Tenable Network Security, as saying:

“Whilst no proof-of-concept code has surfaced yet, due to Microsoft thankfully being tight-lipped on the exact details of the vulnerability, it won’t be long until one does, which could be disastrous for any admin that hasn’t updated.”

Maybe the greatest concern is for every one of those PCs that are as of now running Windows XP, which Microsoft generally won’t support or updates with security patches. The most recent facts for October by Net Applications demonstrated that the 13-year-old Windows XP is even now being utilized by 17.18 percent of PCs around the world.

How concerned would you say you are about this 19-year-old Windows imperfection being utilized by hackers on PCs?

BBC, IBM

Leave a Reply