“The Worst” Windows Bug Discovered... and Thankfully Fixed

“The Worst” Windows Bug Discovered... and Thankfully Fixed

Microsoft has resolved what a security researcher tweeted was “the worst Windows remote code exec” in his memory. This vulnerability allowed a targeted file to implement remote code execution processes, manipulating the infected system and spreading the infection to other machines. In other word, it’s a bad problem to have. The scariest part: the attack would be triggered if a particular file were to be scanned by the Microsoft Malware Protection Engine.

This vulnerability was uncovered and reported by researchers Tavis Ormandy and Natalie Silvanovich, of the Google Project Zero team. Taking to Twitter, the duo reported that they had made a discovery, reporting it to Microsoft and the Microsoft Security Response Center.

The MSRC confirmed the presence of the vulnerability, discovering that numerous pieces of software within the Microsoft Malware Protection Engine would allow a “specially crafted file” to begin running any code the attacker pleased on the system. This vulnerability was present on essentially every Windows machine, having been found on Windows 7, 8.1, and 10, and even affecting Windows RT.

While Microsoft pushed out this particular update, this story still serves as a reminder to keep all of your solutions up-to-date. There is a digital arms race that is waged between programmers and hackers, where each side tries to gain the upper hand over the other by improving their programs. This is one of the main reasons why your solutions have regular updates released, and why it is so important to implement these updates in a timely manner. Without these updates, your system is left vulnerable to threats that have been made preventable.

White Mountain IT Services can help you to be sure that your company’s systems are updated. We’ll keep an eye out for any updates as well as warning signs of impending threats. For more information, give us a call at 603-889-0800.

With the surge in the number of small and medium businesses that have fallen prey to malware and cyber criminals, there is a lot of focus of what an organization can do to prevent being a victim and how the company should handle themselves after an attack. There is another key factor to preventing cyber criminals from penetrating into your network:...

- Onsite Coverage Area -

Onsite computer support services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH and then down into Boston. From Northern and Central Mass we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

603-889-0800

White Mountain IT Services
33 Main Street Suite 302
Nashua, New Hampshire 03064

 

 padlock1  Cyber Security Toolkit

cloud desktop2 Cloud Desktop Login

Open Positions