Microsoft Patches Two-Decade Crack in Windows Software
This morning I woke up to the usual black Tuesday hangover, just a bit larger than normal with 21 updates from Microsoft.
The vulnerability, disclosed by IBM security researchers, has been in every Windows operating system since 1995 and could allow a hacker to take control of computers after luring Internet Explorer browser users to booby-trapped Internet pages.
A hacker who successfully exploited the weakness could have the same control of a machine as the user, but taking advantage of the flaw was deemed “tricky” and there was no evidence hackers had managed to pull off such a move.
“We released Security Bulletin MS 14-064 to help protect customers against this issue and customers with automatic updates enabled do not need to take an action as they are automatically protected,” Microsoft said in an email response to an AFP inquiry.
More: Microsoft Patches Two-Decade Crack in Windows Software