Microsoft Patch Tuesday Fixes Many Vulnerabilities Including a Very Old Windows Bug: 19 Years Old to be Precise

In the most recent Microsoft Patch Tuesday, one of the vulnerabilities that was addressed was a very old one that existed for the past 19 years.

Researchers from IBM discovered the bug, which had been around for all versions of the Windows operating system that Microsoft had released since 1995.

The vulnerability was found back in May, but IBM decided to work with Microsoft for the correction of the problem before revealing its discovery to the general public.

Microsoft finally addressed the problem with its monthly security update for November, which includes 14 patches and a couple more to be released soon.

The bug can be exploited by hackers to take over the control of a PC remotely, as explained in detail by Robert Freeman, a researcher for IBM, in a blog post.

"The bug can be used by an attacker for drive-by attacks to reliably run code remotely and take over the user's machine," Freeman wrote, adding that the vulnerability had been "sitting in plain sight."

A drive-by attack in computer security terms means that users are made to download malware, infecting their PC and opening it up to attackers.

Named WinShock, the bug has received a grade of 9.3 out of 10 in the CVSS, or Common Vulnerability Scoring System, which measures how severe the vulnerability is for the security of computers.

The discovery of WinShock represents two things, wrote Freeman. First is that such bugs could take years or decades to be detected, with WinShock already present in the original code of Windows 95. Remote exploitation using the bug became possible with Internet Explorer 3.0's release, as the program began to use Visual Basic Script that attackers can compromise.

The second thing is the indication that there could be other vulnerabilities that are yet to be discovered which focus more on the manipulation of arbitrary data, as WinShock does.

WinShock is also present in the Windows Server platforms, increasing the security risk of websites that are tasked with handling encrypted data.

Specifically, the vulnerability relates to the Microsoft Secure Channel, also called Schannel, which is the software of Microsoft for the implementation of secure data transfers.

Schannel joins Apple's SecureTransport, OpenSSL, SNUTLS and NSS as major security standards that have been discovered this year to have significant flaws.

While there is no evidence that WinShock has been exploited, the issuance of the patch would mean that hackers would be trying to attack older, outdated systems using the vulnerability.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics