It is really unbelievable. Giant MicroSoft did not issue any kind of patches for 17 year.
One day after a Google security researcher released code to expose a flaw that affects every release of the Windows NT kernel — from Windows NT 3.1 (1993) up to and including Windows 7 (2009) — Microsoft dropped a security advisory to acknowledge the issue and warn of the risk of privilege escalation attacks.
Microsoft warns that a malicious hacker could exploit this vulnerability to run arbitrary code in kernel mode. For an attack to be successful, the attacker must have valid logon credentials.
The flaw does not affect Windows operating systems for x64-based and Itanium-based computers, Microsoft said.
According to Tavis Ormandy, the Google researcher who released the flaw details, Microsoft was notified about the issue in June 2009. After waiting several months and not seeing a patch, he decided it was in the best interest of everyone to go public.
As an effective and easy to deploy workaround is available, I have concluded that it is in the best interest of users to go ahead with the publication of this document without an official patch. It should be noted that very few users rely on NT security, the primary audience of this advisory is expected to be domain administrators and security professionals.
Ormandy’s advisory includes instructions for temporarily disabling the MSDOS and WOWEXEC subsystems to prevent an attack from functioning. This can be done via Group Policy.
The mitigation in Microsoft’s advisory mirrors the advice from Ormandy
Source:zdnet.com
Related News:
Microsoft Releases Security Pack To Fix 21 Vulnerabilities
Microsoft Plans Xbox Live For Android And iOS Devices
Nvidia And Microsoft Churn Out Tegra 3 Test Machines For Windows 8 Devel ...
MAPP Proof-Of-Concept Exploit Code Leak Confirmed By Microsoft, Patch Re ...
Microsoft Integrates SkyDrive Into Windows 8
Ballmer: 500 Million Users Will Be Using Windows 8 By Next YearRecent Tech News
When Facebook acquired Instagram for a whopping billion dollars, many of us kept wondering that why on Earth would the social network pay such a hefty sum for a photo sharing service. However, when Facebook later stated its ambition to be successful across the mobile platform, it was understandable since Instagram has been a huge success on the mobile devices. A recent development suggests, Facebook might have started to utilize the Instagram know-how in their (Facebook’s) products already. You will know what I mean when you see the recently launched ‘Facebook Camera’ app.
While RIM may be deemed the company that launched the true smartphone revolution with its BlackBerry devices and coined the very concept, Apple will always be termed as the company which popularized the notion of smartphones. And its not surprising to note now that iOS and Android smartphones dominate the total shipments of the smartphones made during the last quarter of 2012.
Facebook has become increasingly important for the brands to stay relevant and important on the social media. Facebook pages are a central hub for most brands to connect with their millions of fans and the social network keeps adding newer features to make this more easy and convenient. Now, Facebook has added yet another feature to pages.
Smile is a great way to express pleasure or joy at something or someone. But more often than not, it has to be forced and is fake. While that may work for a lot of people perfectly well, things are about to change. A new technology from MIT can now detect if your smile is true or fake, thus busting you right on spot for pulling that false grin.
Pingback: Tweets that mention Microsoft to solve 17-year-old Windows vulnerability | TheTechJournal.com -- Topsy.com