Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


Another Zero Day Bug Found In Windows Versions

Tuesday-Patch-Microsoft
An exploit which is zero-day related has been discovered in Windows 10’s versions. The exploit is nothing crucial or serious to be worried about, but Microsoft employees have publicly revealed that this particular exploit conceals multiple risks that may endanger the privacy of users.

When contacted about the issue, Microsoft employees do not directly respond to the questions, but instead “recommend” in their response users to focus on using Windows 10 and Edge browser “for the best protection”, ARSTechnica reports.

The employees from PR firm of Microsoft were not able to explain why Windows 10 and Edge should be used when the bug was discovered in most Windows versions, including 10.

The employees at the firm were pressed to give away details on the bug or at least to provide risk assessment of the zero day exploit, but they declined.

This exploit does not represent any serious threat. It was discovered that the bug itself roots from a null pointer issue in the file server protocol of Microsoft’s server message block. It can only cause a crash on a server, hypothetically. There are more dangerous zero day bugs out there that allow malicious code to be executed.

But this is information that users have no actual method of being aware of. And also hypothetically administrators could misconfigure servers to be vulnerable to this bug, which means to configure a server to keep alive the connection for file sharing, for example.

And when asked, instead of giving details on the bug, the PC firm has responded with a message that their products are far superior in terms of the attention paid to the security of the software and bug fixing. Many experts believe that this is not entirely correct, primarily because Windows 10 is by far still vulnerable to exploits, like any other OS is.

The PR firm has “taken back” the advice to use Windows 10 and Edge for more security without further comment.

How The Exploit Was Discovered

Laurent Gaffie, a cyber-security analyst who has reported the bug to Microsoft during the end of 2016 has also stated that the flaw was scheduled to be packed for December but Microsoft has actually postponed this to 02.2017 with other fixes altogether.

Nobody knows why the patch was delayed, especially during important time when people use Windows’ products the most – the winter holidays, but one thing is clear. Microsoft has to focus on security instead of Marketing and dealing with the outcome of a flaw.

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.