fbpx
Wednesday, 10 May 2017 10:59

Google Researchers Discover 'Worst' Windows Bug

By: 

The vulnerability exists within Microsoft's own antimalware protection engine, but thankfully there's already a fix.

Apple may now be the richest company, but it's Microsoft's operating system that still loads on most of our desktops and laptops around the world. So when a major security bug is discovered it's important it gets fixed quickly. And Google researchers recently discovered a really serious one in Windows Defender of all places.

The bug was discovered by Google Project Zero vulnerability researchers Tavis Ormandy and Natalie Silvanovich. As the tweet by Ormandy below notes, this is the "worst Windows remote code exec" bug discovered as far as he can remember.

 

 

 Tavis Ormandy

 @tavisoI think @natashenka and I just discovered the worst Windows remote code exec in recent memory. This is crazy bad. Report on the way. 

 

The vulnerability allows remote code execution if the Microsoft Malware Protection Engine "scans a specially crafted file." If successful, the attacker is then able to run whatever code they like on the breached system as well as using it to start infecting other Windows machines.

According to Engadget, the vulnerability is present on Windows 7, 8.1, RT and Windows 10, meaning just about everyone running Windows is vulnerable.

So you won't be surprised to hear that Microsoft marked the bug as Critical and already has a fix available to close the security hole. It should be applied to your system automatically over the next few days, or you can manually trigger a Windows Update to install the patch now.

 

Source : This article was published pcmag.com By MATTHEW HUMPHRIES

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.

Follow Us on Social Media

Finance your Training & Certification with us - Find out how?      Learn more