Five-year-old design flaw found in all Windows versions

Posted by   Virus Bulletin on   Nov 26, 2007

Microsoft engineers spend Thanksgiving holidays writing patch.

During the Kiwicon conference earlier this month, ethical hacker Beau Butler from New Zealand disclosed a design flaw in Windows that could potentially affect millions of users. Said flaw seems to have been first discovered and, apparently, fixed more than five years ago, but this fix has turned out to be only partially effective, Australian newspaper The Age reports.

A Microsoft spokesman confirmed that this is a serious issue and asked Butler and The Age not to disclose details of the flaw while Microsoft's security team is working on a fix. The vulnerability is said to occur in all versions of Windows, including Vista, and could lead to hackers taking over many PCs with a single attack. However, while Butler found more than 160.000 computers in New Zealand to be vulnerable, the flaw is reported to only affect computers in countries outside the United States.

Posted on 26 November 2007 by Virus Bulletin

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Virus Bulletin's job site for recruiters and job seekers

Virus Bulletin has relaunched its security job vacancy service and added a new section, in which job seekers can advertise their skills and experience.

Throwback Thursday: One_Half: The Lieutenant Commander?

In October 1994, a new multi-partite virus appeared, using some of the techniques developed by the Dark Avenger in Commander_Bomber. As if this were not enough, the One_Half virus could also encrypt vital parts of the fixed disk. Eugene Kaspersky…

Advertisements on Blogspot sites lead to support scam

Support scam pop-ups presented through malicious advertisements show that, next to vulnerable end points, gullible users remain an easy source of money for online criminals.

To make Tor work better on the web, we need to be honest about it

Many websites put barriers in front of visitors who use the Tor network. If we want to make the web more accessible through Tor, we need to be honest about why this is done, rather than cry wolf about a dislike for privacy, Martijn Grooten says.

Paper: How It Works: Steganography Hides Malware in Image Files

A new paper by CYREN researcher Lordian Mosuela takes a close look at Gatak, or Stegoloader, a piece of malware that was discovered last year and that is controlled via malicious code embedded in a PNG image, a technique known as steganography.