Microsoft Fixes 19-Year-Old Windows Bug That Allowed Remote Exploits

Share on Facebook Tweet Share Reddit Comment
Microsoft Fixes 19-Year-Old Windows Bug That Allowed Remote Exploits
Microsoft issued an emergency patch Wednesday for a dangerous flaw that has existing in Windows operating software for nearly two decades.

The vulnerability, disclosed by IBM security researchers, has been in every Windows operating system since 1995 and could allow a hacker to take control of computers after luring Internet Explorer browser users to booby-trapped Internet pages.

A hacker who successfully exploited the weakness could have the same control of a machine as the user, but taking advantage of the flaw was deemed "tricky" and there was no evidence hackers had managed to pull off such a move.

"We released Security Bulletin MS 14-064 to help protect customers against this issue and customers with automatic updates enabled do not need to take an action as they are automatically protected," Microsoft said in an email response to an AFP inquiry.

Robert Freeman of IBM X-Force said in a blog post: "This complex vulnerability is a rare, 'unicorn-like' bug found in code that IE relies on but doesn't necessarily belong to.

"The bug can be used by an attacker for drive-by attacks to reliably run code remotely and take over the user's machine."

The software fix, labeled "critical" by Microsoft, was one of 32 patches released by the US technology titan as part of its routine update cycle.

Windows powers about 90 percent of computers worldwide.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Lenovo Vibe X2 Review: A Tasty Confection with a Few Lumps
Amazon to Build Data Centres in 'Every Large Country' in Cloud Push
 
 

Advertisement

 

Advertisement

© Copyright Red Pixels Ventures Limited 2019. All rights reserved.