There is no shortage of major exploits right now, as a lot of software and hardware solutions remain prone to cyber attacks. Google researchers have come across a new exploit that affected the Windows ecosystem. Luckily, Microsoft issued a patch to address the problem. However, there is a lot of concern as to why this vulnerability existed in the first place.
The Wormable Windows Remote Code Execution Exploit
Rest assured this particular vulnerability will go in the history books as one of the biggest threats to the Windows operating system ever. Two security researchers came across a remote code execution vulnerability that could have proven to be catastrophic for Windows users all over the world. In fact, they labeled it as “crazy bad”, which goes to show how severe this problem could have been.
I think @natashenka and I just discovered the worst Windows remote code exec in recent memory. This is crazy bad. Report on the way. ???
— Tavis Ormandy (@taviso) May 6, 2017
It is thanks to initiatives such as Project Zero security researchers can come across this problem before criminals can exploit the vulnerabilities. The Google initiative is designed to help discover and patch zero-day exploits found in third-party software products. In this particular case, the third-party software product is the most commonly used computer operating systems in the world
Although it remains a bit unclear as to what this remote code exploit is capable of exactly, it was severe enough to force Microsoft into patching it very quickly. The patch was issued earlier today, and the company acknowledges the vulnerability exploits the Microsoft Malware Protection engine. That is not good news by any means, but the most important part is how the issue has been addressed in a timely manner.
It appears this particular exploit could cause quite a few nasty side effects. Attackers and victims would not need to be on the same Local Area Network, which is quite problematic in its own right. Additionally, the exploit can be used on default Windows installation. This means assailants can hijack any system without the user having to download additional software.
Moreover, it appears this exploit is wormable, a trend designated to indicate how it can self-replicate to affect other systems as well. Luckily, Microsoft caught wind of the problem and issued an emergency patch. All windows users are advised to update their installation of the latest patch ASAP. Since virtually every Windows computer is susceptible to this attack until patched, the damage could be quite staggering if left unpatched.
All of this goes to show criminals will mainly target operating systems and vulnerable software at any given time. Now that not all future attacks require users to download specific software, things are looking very bleak. This may only be a sign of things to come, which does not bode well. Computer users will need to be very cautious moving forward, that much is evident.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.
