Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Microsoft set to fix17yearold Windows vulnerability nxtweek

Microsoft set to fix17yearold Windows vulnerability nxtweek 6 years 10 months ago #33570

  • Dhillon
  • Dhillon's Avatar
  • Offline
  • New Member
  • Posts: 17
  • Karma: 0
Microsoft has confirmed it is on course to issue a patch next Tuesday for a recently discovered 17 year old Windows vulnerability.

In January Neowin reported on the recent discovery of a Windows vulnerability that has existed since the release of Windows NT 3.1 in 1993. The vulnerability has only recently been published but it appears 32-bit Windows operating systems have inherited the flaw since NT 3.1.

Microsoft issued a Security Advisory on the vulnerability. The software giant described the flaw as an "Elevation of Privilege (EoP) vulnerability in the Windows kernel, affecting all currently supported versions of 32-bit Windows." 64-bit versions of Windows, including Windows Server 2008 R2, are not affected. The problem exists due to a flaw in the Virtual DOS Machine (or VDM), which was used to support 16-bit applications. The flaw allows for a 16-bit program to manipulate the kernel stack of processes.

In a company blog posting on Thursday, Jerry Bryant, Sr. Security Communications Manager at Microsoft confirmed "we are on track to release an update for this issue next Tuesday (February 9)." Microsoft will also be releasing 13 bulletins - five rated Critical, seven rated Important, and one rated Moderate - addressing 26 vulnerabilities.
The administrator has disabled public write access.

Re: Microsoft set to fix17yearold Windows vulnerability nxtweek 6 years 10 months ago #33572

  • ZiPPy
  • ZiPPy's Avatar
  • Offline
  • Expert Member
  • Posts: 500
  • Karma: 0
What's your source on this?


ZiPPy
ZiPPy
The administrator has disabled public write access.

Re: Microsoft set to fix17yearold Windows vulnerability nxtweek 6 years 9 months ago #33589

  • Alans
  • Alans's Avatar
  • Offline
  • Senior Member
  • Posts: 230
  • Thank you received: 1
  • Karma: 0
Actually it looks like it is true, according to:
www.h-online.com/security/news/item/Wind...s-Update-908917.html

Tavis Ormandy foud it, and in MS site, they thanked him for reporting this:
www.microsoft.com/technet/security/Bulletin/MS10-001.mspx
always Face your Fears...
The administrator has disabled public write access.

Re: Microsoft set to fix17yearold Windows vulnerability nxtweek 6 years 9 months ago #33599

  • TheBishop
  • TheBishop's Avatar
  • Offline
  • Moderator
  • Posts: 1719
  • Thank you received: 8
  • Karma: 5
DOS is alive and well, underneath it all, no matter what they tell us! I feel young again...
The administrator has disabled public write access.
Time to create page: 0.085 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup