Jump to content

  • Log in with Facebook Log in with Twitter Log In with Google Log In with Steam Sign In
  • Create Account

Microsoft releases massive Windows patch to protect users from hackers

  • Please log in to reply
No replies to this topic

OFFLINE   sincity


    Advanced Member

  • Members
  • PipPipPipPip
  • 2523 posts
Getting Better
Microsoft releases massive Windows patch to protect users from hackers

Microsoft has moved to patch-up a critical vulnerability in Windows that it worked to repair for over a year after it was first reported.

Two separate patches (MS15-011 and MS15-014) were released in tandem that, when employed together, plug a gap in group policies and limit the threat of a third-party code execution that could allow hackers to take "complete control of an affected system."

MS15-011, the more critical of the two patches, prevents that control taking place and Microsoft warned that if not installed could "allow remote code execution if an attacker convinces a user with a domain-configured system to connect to an attacker-controlled network."

One of the typical ways it was able to be used was through an on-LAN or man-in-the-middle attack where corporate data on Windows machines was vulnerable when connected to a non-trusted network without the use of a virtual private network (VPN).

Windows Server 2003 gets no patch

JAS Global Advisors brought the problem to Microsoft's attention in January 2014 and kept it quiet so that Microsoft could work on a solution to fix what is called "complicated issue" by JAS, and it was sympathetic to the length of time it took.

The patch covers Windows Vista; Windows Server 2003, 2008, 2008 R2, 2012, and 2012 R2, Windows 7, 8 and 8.1; and Windows RT and RT 8.1. Of all those, Windows Server 2003 is the only one that won't be receiving a patch and anyone using it is advised to upgrade.

Via: The Inquirer

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users