Microsoft claimed that there is a major security flaw in the memory allocation code of various devices, including healthcare gears, industrial control systems, and more.
The tech giant claimed that this security issue could lead to hijacking, making tons of devices at risk of a possible major breach. Because of this, Microsoft is now urging its users to install the latest firmware releases to prevent the memory allocation code security issue.
"To date, Microsoft has not seen any indications of these vulnerabilities being exploited. However, we strongly encourage organizations to patch their systems as soon as possible," said the tech giant company.
"At the same time, we recognize that patching IoT/OT devices can be complex. For devices that cannot be patched immediately, we recommend mitigating controls," added Microsoft.
Can You Avoid Microsoft's newly found security flaw?
According to Daily UK News' latest report, Microsoft suggested that users need to do these to avoid the new memory allocation security flaw. It added that these methods are efficient for devices that can't be patched immediately:
- Implement network security monitoring to detect behavioral indicators of compromise.
- Reduce the attack surface by minimizing or eliminating exposure of vulnerable devices to the internet.
- Strengthen network segmentation to protect critical assets.
On the other hand, the United States government's Cybersecurity and Infrastructure Agency (CISA) also provided 25 software that could be affected by the newly discovered security flaw.
These include Google Cloud's IoT Device SDK, Red Hat's newlib, Windriver's VxWorks, Amazon's FreeRTOS, Arm's Mbed OS, and more.
How Does the New Memory Allocation Code Flaw Work?
The Register reported that the new programming flaw happens when a hacker sends a fool the user's device application code into making a very large memory allocation. This allows the gadget's buffer to hold further incoming information.
Cybercriminals can do this by sending malicious data into their victims' devices. Because of the large data sizes, the allocations of the user's device is are expected to fail, allowing them to hijack the victim's gadget.
For more news updates about Microsoft's memory allocation flaw and other security issues, always keep your tabs open here at TechTimes.
Related Article : Your Internet-Connected Device Could Be at Risk of Bug Exploitation--Singaporean Security Firm Identifies Possible Infected Devices
This article is owned by TechTimes
Written by: Griffin Davis