Recent reveals suggest that Windows is hiding quite a few vulnerabilities that hackers could exploit at any moment. Microsoft boasts about its Edge browser, claiming no zero-day exploits thus far, but the truth is that the Windows OS has design flaws that potentially impacts all Windows versions.
At the beginning of June, we reported about a zero-day vulnerability with a source code worth $90,000, an extremely dangerous vulnerability since it lets hackers elevate the privileges of any software process to the system level. We are still not sure whether this information was accurate or not since no news emerged since then, nor is it known whether someone actually bought the source-code or if the vulnerability does indeed exist.
Another zero-day vulnerability has recently been detected, but Microsoft’s Security Team managed to push out a patch for it, preventing malware attacks that could have exploited this flaw. The vulnerability was discovered by a researcher from China who revealed that the flaw allowed hackers to hijack a victim organization’s network traffic.
This vulnerability has a massive security impact – probably the widest impact in the history of Windows. It not only can be exploited through many different channels, but also exists in all Windows versions released during the past 20 years. It can be exploited silently with a near perfect success rate.
The most troublesome news revealed by the researcher suggested that the vulnerability could have been exploited via all versions of Microsoft Office, Edge, and third-party Windows apps. To make sure your system is fully protected, download Microsoft’s latest security patch.
Speaking of threats, Microsoft also warned users about a new macro trick used to activate ransomware. All this while a large swath of users continue running unsupported Windows XP and IE versions, turning their computers into sitting ducks for hackers.
RELATED STORIES YOU NEED TO CHECK OUT:
- Bing now offers malware and phishing warnings, protecting you better from threats
- The Hacked? app for Windows 10 detects breaches in your email account to keep you safe
- Outdated Windows and IE versions still used by many companies, making malware attacks imminent