Home > Cyber News > Worst Windows Remote Code Execution Bug in Recent Memory Found
CYBER NEWS

Worst Windows Remote Code Execution Bug in Recent Memory Found

Researchers Tavis Ormandy and Natalie Silvanovish from Google Project Zero have discovered and reported a remote code execution vulnerability in Windows. This bug is in fact the “worst Windows remote code exec in recent memory”. The researchers also described the bug as “crazy bad”. Having in mind the nature of the flaw, one question should be answered. Will Microsoft succeed in fixing the flaw on the upcoming Patch Tuesday, or will it wait out the 90-day disclosure deadline?

Related: CVE-2017-7269 Shows Why Running Unsupported Software Is Bad

Tavis announced the vulnerability in a tweet just a couple of days ago:

His tweet caused a wave of reactions from fellow researchers all trying to guess the location of the flaw. The researcher hasn’t revealed much about the bug but he did say that “attack works against a default install, don’t need to be on the same LAN, and it’s wormable”. Things are definitely not looking good with this one.


How Does Project Zero Work?

Shortly said, vulnerabilities discovered by the team are reported to the vendors and are made publicly visible after a patch is made available, or if 90 days have passed without a patch being released. This 90-day deadline gives vendors the chance to fix the issue before the flaw goes public so that users can protect themselves and avoid attacks. It’s also a way of implementing responsible vulnerability disclosure.

Unfortunately, Microsoft has often failed to resolve serious bugs before the 90-day deadline.


More about Remote Code Execution

The ability to trigger arbitrary code execution from one computer on another (mostly via the Internet) is widely known as remote code execution. What enable attackers to execute malicious code and gain control over the compromised system is the presence of vulnerabilities. Once the system is under the attackers’ control, they can elevate their privileges.

Related: ESET CVE-2016-9892 Flaw Exposes Macs to Remote Code Execution

That being said, the best way to prevent remote code execution attacks is by never allowing vulnerabilities to be exploited. Unfortunately, remote code execution flaws are very often favored by attackers, and that is what makes keeping your operating system up-to-date crucial.

Sadly, there are many cases of vulnerabilities being exploited in the wild before the adequate release of a patch. Because of their severe character, zero-day vulnerabilities are often rated critical. Windows is often prone to zero-day exploits, like CVE-2015-2545 from 2015, found in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree