Microsoft announced the other day that there has
been a critical security flaw in all versions of their operating system. It has
existed in all versions of the Windows OS since Windows 95. So, I guess for the last 19 years the
guys over at Microsoft have been looking at their
computers and envisioning themselves running across the green hills of XP’s
desktop instead of burying their minds in endless patches to try and ‘solve’
these continuous issues. Oh, wait a minute…
Seriously though, Microsoft has actually patched the
19 year old critical flaw in Windows, so there is no need to overly
panic. Security researchers from IBM discovered the flaw earlier this year
and notified the Redmond giants privately back in May. Apparently the rare bug
can allow an attacker to remotely execute code on an affected system, simply by
convincing Windows users to visit a URL in Internet Explorer.
IBM have said the exploit could have been be
triggered on Internet Explorer 3.0 going forwards and that every currently
supported version of Windows is affected. IBM researcher Robert Freeman
said, “This vulnerability has been sitting in plain sight for a
long time despite many other bugs being discovered and patched in the same
Windows library.”
Although Microsoft is issuing patches for Windows
8.1, Windows 7, Windows Vista, and their server releases, the software
giant stopped supporting Windows XP earlier in 2014. There is no evidence, as yet this bug is being
exploited in the wild, but it has been given a rating of 9.3 out of 10 on the
Common Vulnerability Scoring System (CVSS).
If I were you I would run Windows Update if you
haven’t already.
No comments:
Post a Comment