Microsoft Winshock Bugs & Patches: Longtime 'Winshock' Problem Is Resolved, Company Says
Microsoft has solved a software glitch in its operating system and other products that has existed for 19 years.
Researchers at IBM discovered the flaw in May and have been working with Microsoft since then to fix the problem.
Every version of Windows since the 95 system has had the bug present, according to IBM. The defect allowed attackers to remotely control the PC. Users are being encouraged to download updates to prevent their devices from vulnerability.
In its monthly security update, Microsoft addressed the problem. They released 14 patches, with two additional updates to be rolled out later.
IBM researcher Robert Freeman posted on a blog about the bug and what it means to the average computer user, saying "the bug can be used by an attacker for drive-by attacks to reliably run code remotely and take over the user's machine."
A drive-by attack in computer security basically means that the hacker forces the PC to download malicious software without the user's permission. According to IBM, the bug had been "sitting in plain sight."
This bug, nicknamed WinShock, has been given a 9.3 out of a possible 10 score on the Common Vulnerability Scoring System, which categorizes computer security threats by severity.
As with the Heartbleed bug that gained attention earlier this year for its breach of secure data in transfers, WinShock can affect Secure Sockets Layer.
Although there have been no reported attacks using this bug, Gavin Millard from Tenable Network Security said that people should still be wary.
"Whilst no proof-of-concept code has surfaced yet, due to Microsoft thankfully being tight-lipped on the exact details of the vulnerability, it won't be long until one does, which could be disastrous for any admin that hasn't updated," Millard said. "Is WinShock as bad as Heartbleed? At the moment, due to the lack of details and proof-of-concept code, it's hard to say, but a remote code execution vulnerability affecting all versions of Windows server ... is up there with the worst of them."
* This is a contributed article and this content does not necessarily represent the views of latinpost.com