Home / Explore Technology / Security / Google Researchers Discover ‘Worst’ Windows Bug

Google Researchers Discover ‘Worst’ Windows Bug

Apple may now be the richest company, but it's Microsoft's operating system that still loads on most of our desktops and laptops around the world. So when a major security bug is discovered it's important it gets fixed quickly. And Google researchers recently discovered a really serious one in Windows Defender of all places.

The bug was discovered by Google Project Zero vulnerability researchers Tavis Ormandy and Natalie Silvanovich. As the tweet by Ormandy below notes, this is the "worst Windows remote code exec" bug discovered as far as he can remember.

The vulnerability allows remote code execution if the Microsoft Malware Protection Engine "scans a specially crafted file." If successful, the attacker is then able to run whatever code they like on the breached system as well as using it to start infecting other Windows machines.

Related

According to Engadget, the vulnerability is present on Windows 7, 8.1, RT and Windows 10, meaning just about everyone running Windows is vulnerable.

So you won't be surprised to hear that Microsoft marked the bug as Critical and already has a fix available to close the security hole. It should be applied to your system automatically over the next few days, or you can manually trigger a Windows Update to install the patch now.

Read more

Check Also

Have You Been Pwned? Firefox Tool Will Tell You

Firefox Monitor lets people check their email addresses against the popular Have I Been Pwned data breach database. Password manager 1Password has also integrated Have I Been Pwned into its Watchtower service on the web.

Leave a Reply

Your email address will not be published. Required fields are marked *

Disclaimer: Trading in bitcoins or other digital currencies carries a high level of risk and can result in the total loss of the invested capital. theonlinetech.org does not provide investment advice, but only reflects its own opinion. Please ensure that if you trade or invest in bitcoins or other digital currencies (for example, investing in cloud mining services) you fully understand the risks involved! Please also note that some external links are affiliate links.