Microsoft Emergency Patch for Windows Zero-Day Bug

Microsoft Emergency Patch for Windows Zero-Day Bug

Microsoft immediate release to fix the exploit in recent Windows Zero-Day bug. The exploit affects Windows 8, 8.1, 10 and Windows Server systems.

The recent flaw was discovered by both Natalie Silvanovich and Travis Ormandy who are researchers for Google’s Project Zero. It exists in the Microsoft Malware Protection Engine and it allowed hackers to take complete control of a system remotely by the user sending an email. Usually exploits need to be open and executed to function, but this one is particularly nasty and simply receiving the message allowed the exploit to wreak havoc. The exploit could also work by encouraging the user to click on a link or accept an instant message.

The reason this bug required such urgent attention and control is because it takes advantage of the Microsoft Malware Protection Engine or MsMpEng, which has significant privileges and accessibility to the system. Hijacking a system allows a hacker to remotely install or delete software, intercept private documents or photographs, create administrative accounts with full access to the system or install additional malware on the system.

An exploit of this magnitude has the potential to be disastrous to individuals, schools and businesses alike. This bug could by triggered merely by the auto defender running a scan and detecting its presence. This creates a significant security risk for systems that run scheduled scans or have real-time protection enabled, meaning that they would be the most vulnerable to the hack. It’s also worth noting that the feature is enabled by default in Windows, which makes it extra dangerous since many users do not modify their system settings and allow the defaults to control how the operating system runs.

Cyber-security expert Graham Cluley acknowledged that a typical anti-virus program is designed to block these exploits before they’re able to reach the computer and give control to hackers. He told the BBC that this type of bug is exactly what hackers are aiming for because they can gain total control of the user’s computer remotely without explicit authorization.

Ormandy announced that the bug existed through his Twitter account by calling it “crazy bad.” A second tweet identified characteristics of the exploit including that it “works against a default install, don’t need to be on the same LAN, and it’s wormable.” A wormable exploit can replicate itself rapidly and spread to other systems on the network. Some small home networks have only a few devices, but large businesses or universities can have thousands of vulnerable systems exposed to the hack. This is probably a bit more information than the general public needed to know. Ormandy and Silvanovich did not give any additional details out in order to allow Microsoft to develop an appropriate fix.

Cluley did mention that he found it risky for Project Zero to release the information about their find on Twitter before a fix was implemented. It could’ve had a more severe impact on the operating system if it wasn’t able to be patched as quickly as it was. This method of releasing information can potentially benefit the hackers. It’s not usually advisable to publish information about exploits because it makes it easier for hackers in the future to exploit the operating system.

Microsoft reacted quickly and released a patch that was sent to all computers running the tool. This update was pushed out a couple hours ahead of schedule. Microsoft typically releases a monthly update with all required patches and updates in one large download to eliminate the hassle of updating weekly or even daily. This exploit obviously warranted immediate attention and action. All individuals using the affected operating systems should immediately install the latest updates to ensure they don’t fall victim to the hack and risk their system’s security. Microsoft mentioned that there had been no reports of the exploit being used at the time, but time is of the essence and being pro-active to patch this bug prevented it from becoming a significant problem worldwide.

Times certainly have changed since the introduction of Windows and Microsoft’s handle of exploits. The quick patch reflects how times have changed with a greater reliance on technology for everyday activities. With the amount of personal information and tasks being conducted on computers on a regular basis, someone gaining control of another’s computer has detrimental effects on productivity and creates a significant privacy risk. Always install the latest updates when they’re released, especially if they’re marked as urgent because you never know if you’re going to be a target of these hackers.

Our accreditations & Partners

  • REC Member
  • VTC - Virtual Technology Cluster
  • Bloom Nepro
  • YPO
  • Crown Commerical Service
  • Disability Confident
  • ISO 9001
  • Armed Force Covenant
  • Cyber Essentials Plus
  • ISO 27001

Thanks

Success

Thanks

Success

Thank you for signing up to the acumin alerts.

Send CV

Send us your CV and have our recruiters match you to the ideal opportunities

Do you already have an account with us?

Log in

Want to have an account with us?

Register

Want to just send us your CV?

Upload only doc, docx, odt, pdf format file.

By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.

Password reset

If you need a reminder for your password, fill out the field below

Log in

Access your account to edit your contact details, job alerts or to upload a new CV

Thank you

Success

Thank you for successfully uploading your CV.

Acumin Alerts

Success

Thanks for registering for Acumin alerts.

Acumin Alerts

Unfortunately your CV could not be uploaded

Please make sure your CV is one of the following file types: doc, docx, odt, pdf, rtf

Acumin Spam

Unfortunately your submission has been declared spam. Please try again.

Vacancy

Success

Thank you for submitting your vacancy.

Register

Create an account to register your contact details, sign up for job alerts and upload your CV

Success

Thanks for registering for Acumin alerts. To get the most out of Acumin's service why not register with us?

Upload only doc, docx, odt, pdf format file.
- Practitioner
- Commercial

I agree to the terms and conditions and to be contacted by recruiters:

I agree to receive marketing communications relevant to my job search:

I agree to receive Jobs By Email for the following professions:
- Business Continuity Management
- Counter Fraud
- Cyber Security
- Executive Management
- Governance & Compliance
- Information Security & Risk Management
- Penetration Testing & Digital Forensics
- Sales and Marketing
- Sales Engineering
- Security Management
- Technical Security
- Information/Risk Assurance
- Identity Management
- Application Security
- Security Architecture
- Dev/Sec Ops
- DV & SC Cleared Jobs
- Programme & Project Management
- CISO/CSO

Submit a Vacancy

Use the form below to submit a vacancy