Jump to content


Microsoft just fixed a two-decades-old Windows security bug

  • Please log in to reply
No replies to this topic

OFFLINE   sincity


    Advanced Member

  • Members
  • PipPipPipPip
  • 2980 posts
Getting Better
Microsoft just fixed a two-decades-old Windows security bug

Microsoft has issued a patch for a security bug that, unbeknownst to anyone, has plagued every version of Windows since Windows 95.

The bug, had anyone actually discovered it before now, apparently could have allowed attackers to set up websites that let them run code remotely on your machine, even taking it over, if you visited them.

An IBM research team discovered the exploit earlier this year, and Microsoft just now patched it.

Luckily the researchers - IBM's corny-named "X-Force" - "hasn't found any evidence of exploitation of this particular bug in the wild," IBM's Robert Freeman wrote on IBM's Security Intelligence blog.


Freeman described the bug as "rare" and "unicorn-like" - both because it sidesteps all of Internet Explorer's and Windows' built-in protections, and because it went so long undetected.

Hindsight is 20/20, and in hindsight Microsoft probably should have noticed this serious security issue back when it was introduced almost 20 years ago.

But no harm, no foul, we guess, and it at least makes for a good headline.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users