Jump to content

Microsoft Emergency Security Fix

Plumbers Crack

By Plumbers Crack
in Hardware

 Share

Recommended Posts

Plumbers Crack Grand Master

Plumbers Crack 4,033 Day to Day FGer 10 Years with FG! 9 Whole Years

Posted
Posted

Sorry if this looks scrappy but it seems important and I'm short on time!

 

Microsoft makes emergency security fix

By Chris BaraniukTechnology reporter

31 minutes ago

 

From the section Technology

These are external links and will open in a new window

 

Microsoft has released an urgent update to stop hackers taking control of computers with a single email.

The unusual bug, in Microsoft anti-malware software such as Windows Defender, could be exploited without the recipient even opening the message.

Researchers working for Google's Project Zero cyber-security outfit discovered the flaw at the weekend.

The fix has been specially pushed out hours before the software giant's weekly Tuesday security update.

Hackers could exploit the flaw simply by sending an infected email, instant message or getting the user to click on a web browser link.

Windows 8, 8.1, 10 and Windows Server operating systems are affected by the bug.

Anti-virus software such as Windows Defender would merely have to scan the malicious content for the exploit to be triggered.

On some computers, scans are set up to occur almost instantly - "real-time protection" - or to take place at a scheduled time.

"Anti-virus normally tries to intercept these things before you get to them," said cyber-security expert Graham Cluley.

He added it was "tremendous" that Microsoft had released the patch so quickly.

Image captionNews of the bug broke over the weekend - and the problem was quickly patched

The bug was discovered by Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich.

And Mr Ormandy later tweeted he had been "blown away" at the speedy response.

The vulnerability allows for remote code execution: "the thing all the malicious attackers are aiming for", Mr Cluley told the BBC.

"It means they can install code on to your computer without your permission - it means they can hijack your computer."

Mr Cluley did add, however, that he thought the Project Zero protocol for announcing the vulnerability - which had included information that malicious hackers might have found useful - had been risky.

"That can help the bad guys," he said.

Windows users can check that they are running the latest Windows Defender version (1.1.13704.0), which should download automatically, to make sure they are not at risk - or hit the update button.

 

http://www.bbc.co.uk/news/technology-39856391

fa91d1c7-2525-4709-a13b-ae6fabba557e.jpg


Thanks to Capn_Underpants for the artwork

Link to comment
Share on other sites
  • Replies 1
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use and Privacy Policy

  I accept