Car Hacking: More likely to be done by a mechanic than by a hacker
infosec

Car Hacking: More likely to be done by a mechanic than by a hacker

When we talk about car hacking, it comes to mind a hacker who gets remote access to the car system ...
Read More
infosec

Sri Lanka: Blocks access to social media

The government of Sri Lanka has temporarily blocked access to various social media services following deadly explosions that erupted ...
Read More
infosec tweaks

How to hack networks with Wi-Fi passwords

Probably you have a Wi-Fi network in your home or stay close to one (or more) that appears in ...
Read More
infosec tweaks

What is Social Engineering, what are its techniques and how to protect yourself?

Social Engineering is the term used for a wide range of malicious activities that are accomplished through human interactions. Uses the ...
Read More
infosec tweaks

Cryptocurrency: Ways to Enhance Your Privacy

Privacy and privacy on the internet are of great importance. It is not enough to take one or two measures to protect ...
Read More
Latest Posts

Extremely dangerous vulnerability affects Windows - Upgrade immediately

Google Project researchers, Tavis Ormandy and Natalie Silvanovich have discovered a most dangerous vulnerability in Windows over the weekend, automatically giving Microsoft a 90 days margin to fix it.

Windows

Researchers have announced their find via Twitter, saying it is the worst remote code execution [flaw] detected in Windows.

Following the disclosure of the researchers, Microsoft hastened to repair the vulnerability, which it did in record time, with the update available now being sent through Windows Update.

The giant of the software provided more information about the security gap, explaining that it affected the Windows 7, 8.1, RT, and 10 anti-malware protection engine.

The vulnerability of running remote code discovered can allow an attacker to take control of a system with the help of properly configured emails, infected sites, or malicious instant messages.

The worst thing is that attackers can take advantage of the flaw without users reading malicious emails or opening attachments, so Google security experts rushed to classify it as one of the critical remote security vulnerabilities it has recently discovered in Windows.

Microsoft researchers explain that if real-time protection is enabled in a vulnerable system, scanning infected files automatically turns on exploit. If this option is disabled, the attacker must wait until the users manually scan the files.

Microsoft recommends that users update their systems as soon as possible by indicating that the Malware Protection Engine update is 1.1.13704.0. The vulnerable version is 1.1.13701.0.

"The update addresses a vulnerability that could allow remote code execution if Microsoft's anti-malware protection engine scans a specially crafted file. If an attacker successfully exploits this vulnerability, he can run arbitrary code on the LocalSystem account and take control of the system, "explains Microsoft.

Since the LocalSystem account has access to almost all resources, there may be even more serious safety implications, researchers said.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *