Microsoft to patch 17-year-old computer bug ........ | Information Technology / Computer Talk | Forum

A A A
Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —






— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
Microsoft to patch 17-year-old computer bug ........
February 6, 2010
1:29 pm
Avatar
Guest
Guests

A 17-year-old bug in Windows will be patched by Microsoft in its latest security update.

The February update for Windows will close the loophole that dates from the time of the DOS operating system.

First appearing in Windows NT 3.1, the vulnerability has been carried over into almost every version of Windows that has appeared since.

The monthly security update will also tackle a further 25 holes in Windows, five of which are rated as "critical".

Home hijack

The ancient bug was discovered by Google security researcher Tavis Ormandy in January 2010 and involves a utility that allows newer versions of Windows to run very old programs.

Mr Ormandy has found a way to exploit this utility in Windows XP, Windows Server 2003 and 2008 as well as Windows Vista and Windows 7.

The patch for this vulnerability will appear in the February security update. Five of the vulnerabilities being patched at the same time allow attackers to effectively hijack a Windows PC and run their own programs on it.

Windows 95 on sale (wow) The bug dates from the days of Windows 3.1

As well as fixing holes in many versions of Windows, the update also tackles bugs in Office XP, Office 2003 and Office 2004 for Apple Macintosh machines.

The bumper update is not the largest that Microsoft has ever released. The security update for October 2009 tackled a total of 34 vulnerabilities. Eight of those updates were rated as critical - the highest level.

In January 2010, Microsoft released an "out of band" patch for a serious vulnerability in Internet Explorer that was being exploited online. The vulnerability was also thought to be the one used to attack Google in China.

Following the attack on Google, many other cyber criminals started seeking ways to exploit the loophole.

Also this week, a security researcher has reported the discovery of a vulnerability in Internet Explorer that allows attackers to view the files held on a victim's machine.

Microsoft has issued a security bulletin about the problem and aims to tackle it at a future date. At the moment there is no evidence that this latest find is being actively exploited online.

http://news.bbc.co.uk/1/hi/tec.....499859.stm

Forum Timezone: America/Los_Angeles

Most Users Ever Online: 288

Currently Online: Tony Bennett
58 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

greeney2: 10286

bionic: 9870

Lashmar: 5289

tigger: 4576

rath: 4297

DIss0n80r: 4161

sandra: 3858

frrostedman: 3815

Wing-Zero: 3278

Tairaa: 2842

Member Stats:

Guest Posters: 2

Members: 24729

Moderators: 0

Admins: 2

Forum Stats:

Groups: 8

Forums: 31

Topics: 9017

Posts: 124219

Newest Members:

Tony Bennett, Jay man, MARMORRIS, JAMES, Nan, Me, Jessica Branch, Rip Crain, Jessica S, Jennifer Thomas

Administrators: John Greenewald: 636, blackvault: 1776