Skip to comments.Windows 7 Zero-Day Unpatched Vulnerability Is Being Exploited in the Wild (my title)
Posted on 03/08/2019 8:34:11 PM PST by dayglored
Article title: "Disclosing vulnerabilities to protect users across platforms"
... The second vulnerability was in Microsoft Windows. It is a local privilege escalation in the Windows win32k.sys kernel driver that can be used as a security sandbox escape...
We strongly believe this vulnerability may only be exploitable on Windows 7 due to recent exploit mitigations added in newer versions of Windows. To date, we have only observed active exploitation against Windows 7 32-bit systems.
Pursuant to Googles vulnerability disclosure policy, when we discovered the vulnerability we reported it to Microsoft. Today, also in compliance with our policy, we are publicly disclosing its existence, because it is a serious vulnerability in Windows that we know was being actively exploited in targeted attacks. The unpatched Windows vulnerability can still be used to elevate privileges or combined with another browser vulnerability to evade security sandboxes. Microsoft have told us they are working on a fix.
As mitigation advice for this vulnerability users should consider upgrading to Windows 10 if they are still running an older version of Windows, and to apply Windows patches from Microsoft when they become available. We will update this post when they are available.
Microsoft has not yet patched this flaw.
Those of us who prefer Windows 7 to Windows 10 need to be aware that these things are out there, and that come January 2020 when Microsoft stops releasing security updates for Windows 7, we're going to have our tushes in the breeze.
Thanks to ShadowAce for the ping!
Does anyone know if Window 98 is vulnerable to this attack?
Wondering if I should upgrade my operating system.
Required title :
Disclosing vulnerabilities to protect users across platforms
Wish I could do the same for my wife's W 10 laptop that freezes during updates, requires re-connect to the wi-fi after some damn thing or another.
Farqing MS with the eternal diddling.
I can assure you that this vulnerability is hogwash.
Now, may I interest you in great opportunity? I am Nigerian prince attempting to escape my country from civil unrest. Help me remove my fortune of 50 million American dollars from country. I will need your bank account. I will give you 10 percent cut. PM me for details.
I love my Windows 7!!!!!!!!
Well, they had to wrest 98 out of my hands to upgrade to Win 7.
I still use W7 but it keeps telling me to upgrade my browser. Its all Greek to me. I just hope I dont lose all my pix and files come 2020!
Definitely you should upgrade to the latest Windows operating system, Windows Millennium, especially for the improved desktop.
System requirements for running Windows ME
Minimum Recommended x86 CPU : Pentium, 150 MHz Memory: 32 MB Hard drive: 320 MB
If you have any problems with this advanced system, contact dayglored
Just pick up a USB flash drive (Wal-Mart, Office Max, any computer shop) and save your pix etc on to it. You'll have an easy way to transfer them to your next computer.
Thank you. Will ask my daughter to get for me.
In which case neither will they admit it exists. Which is one intrinsic difference between how M$ and the *NIX community operate.
Win 7 BUMP!!
You may well laugh at WinME, it more than earned everyone's derision.
But Win98 SE (Second Edition) was actually a very good single-user, personal (non-business), non-internet OS. It had no security to speak of, but then, those were arguably more innocent days. :-)
I have a VM (virtual machine) of Win98SE. On modern hardware it screams, and it runs my few remaining ancient 90's applications, frankly just as well as Win7 does.
But rather than upgrade to WinME, I would either stay with Win98SE or migrate to WinXP. Granted, Win2000 defined my ideal desktop GUI, and forever afterward, my first steps when installing a fresh copy of XP or 7 is to set the desktop GUI back to Win2000 mode. The fact that Win10 blocks me from doing so (even with the addition of ClassicShell) is one of the reasons I refuse to run Win10 as my default Windows environment. I have a Win10 VM around for software compatibility testing, and to run a few Win10-only applications, but no more than that.
So I'd say, stick with Win98SE if that's what you like. Why? Because it's NOT vulnerable to this attack!! LOL, seriously; AFAIK this vulnerability like most other ones these days, only affects the NT-based editions.
OTOH, stay the heck off the internet with Win98 or any of the DOS-based Windows. They're totally vulnerable to a million other attacks.
#13 I still use the blue background color of windows in that photo. I have Windows 7.
Sorry for not seeing this reply till now, but in conjunction with what you said, I noticed long ago when switching to XP on much better hardware that on basic tasks, like opening folders or something like Notepad, that W/9x was noticeably faster. Things would just like instantly jump into view, whereas with XP and later there was a bit of a lag. Although on this AMD 4350 (4.2ghz) basic things come up very quickly unless the CPU is heavily laden (and under 9x that meant keeping an eye on system resources). Thank God for what we have under grace in Christ.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.