Microsoft has managed to patch a highly dangerous bug in Windows that has been floating around in the virtual world for almost 19 long years. The bug, dubbed as WinShock, has existed in every Window version starting from the time when Windows 95 was the hot thing. The flaw in the system was discovered by IBM security researchers earlier this year and the authorities concerned at Microsoft were also notified about the existence of the flaw in their operating system. The specialized bug works in the benefit of hackers by allowing them to remotely execute code on an affected system by luring in users to click on a specific URL link in Internet Explorer to direct them to a malicious website. The IBM security experts said that the bug can work effectively on Internet Explorer 3.0 and later versions that support Windows.
Robert Freeman, a researcher at IBM, said, “This vulnerability has been sitting in plain sight for a long time despite many other bugs being discovered and patched in the same Windows library.” He also described the bug as being “rare” and ‘unicorn-like’ that has been sitting in thousands of Windows operating systems worldwide.
Freeman said that the bug relied on a loophole present in VBScript, which was first introduced in Internet Explorer 3.0, and has resisted all attempts from Microsoft to tame it effectively, even when the software giant has anti-exploitation tools (known as Enahnced Mitigation Experience Toolkit) at their disposal.
For now, Microsoft has released 14 patches in its monthly security update for Window 8.1, Windows 7, Windows Vista, with the exception of Windows XP since Microsoft stopped supporting this system in April earlier this year. Reports coming in from security experts indicate that the bug might not have been exploited in the wild yet, but they still believe that it is as much dangerous as any other bug. Therefore, it has achieved the rating of 9.3 out of 10 on the Common Vulnerability Scoring System (CVSS) which only means that it is far better to update your system with the Microsoft updates rather than waiting for the bug to entirely overtake your computer.
One Hardy Bug
Freeman wrote about the bug by saying, “The bug can be used by an attacker for drive-by attacks to reliably run code remotely and take over the user’s machine.” In the world of information technology the term drive-by attacks is used when users are made to download malicious software. The hardy bug has remained active for so many years that it would have most likely grabbed more than six figures if sold to cybercriminals.
The penetrative ability of the bug could be gauged from the fact that it also thrives in Microsoft’s Windows Server platforms, which means that websites that handle encrypted data are at a risk of being exploited by this bug. It has also integrated well with Microsoft Secure Channel, known as Schannel, which enables the transfer of secure data. The high level secure standards, including Secure Transport, GNUTLS, OpenSSL and NSS, have all unearthed flaws in their systems with Schannel joining the list as the latest entry.
The Bug Matters Because…
The discovery of this bug has led security experts to revise their ideas about vulnerabilities that are present in our computer systems, since this one successfully evaded detection for nearly two decades. It is also an important revelation because this vulnerability involves arbitrary data manipulation which is not very common in the virtual world. The finding of WinShock has convinced security experts that there might be other similar bugs doing rounds around different operating systems and which could be used by hackers to crash into a system to take complete control of it once activated. Hackers have all kinds of techniques at their disposal that could include, remote access tools, keyloggers and screen grabbers. Users should make haste and install the latest updates in their operating system to save themselves from inconvenient computer bugs.
Image credit: 360b / Shutterstock.com