Social Icons

Friday, August 16, 2019

Windows victim of a series of ultra-critical vulnerabilities
Microsoft has patched vulnerabilities to create worms on Windows 7, Windows 8 and Windows 10. The publisher has also corrected a 20-year-old loophole to elevate privileges.
Yesterday, on the occasion of its Patch Tuesday, Microsoft released patches to be installed urgently, if it is not already done. Indeed, they clog a series of ultra-critical flaws, particularly affecting the latest versions of the operating system. Two flaws similar to "BlueKeep" have been found by Microsoft security researchers (CVE-2019-1181 and CVE-2019-1182).

As a reminder, BlueKeep is a vulnerability in Remote Remote Protocol Protocol (RDP). Detected last May, it allows to create worms for old systems such as Windows XP and Windows 7. It has a potential destructive equivalent to WannaCry or NotPetya.

Three versions of Windows concerned
This is also the case of the two new flaws, which also make it possible to create computer worms. But in their case, it's even worse because they affect the latest versions of the operating system, namely Windows 7, Windows 8 and Windows 10.

At present, it is difficult to know how many computers are affected by these new vulnerabilities. Some experts believe that it's more than for BlueKeep. At the end of last July, more than 788 000 Windows computers were still vulnerable to this first flaw (source: BitSight).

Hack Windows from Notepad
Patch Tuesday also plugs a flaw (CVE-2019-1162) that resides in all Windows systems for more than 20 years. It was found by Tavis Ormandy, a security researcher at Google Project Zero, and provides system privileges from any application.

The problem lies in CTextFramework, a library that handles text input and keyboard layout. This software, which dates from the Windows XP era, is actually riddled with flaws.

As an example, the researcher has successfully launched a command prompt with system privileges since ... Notepad.

No comments:

Post a Comment

Category Of Mobile Courses

Actualités (644) Adsense (1) Affiliation (1) Algebraic Topology (2) Algorithmic (1) all-news (30) Android (5) Android App (8) Android app without code (4) Android Apps (256) Android Development (4) Android download (2) Android OS (3) AngularJS (1) Automata theory and formal language (5) C programming (5) Category and Functor (8) CMS (3) Computer Glossary (18) Create Mobile App With Ionic Framework (2) CSS (2) CSS-Cascading-Style-Sheets (4) Developpement Java (13) Differential Geometry (1) Django-Python-Framework (9) dropshiping (26) Earn Money by Internet (4) Emplois (23) Framework php (2) Fraud (2) HTML (7) Java For Beginners (10) Javascript (12) Kotlin Programming Language (8) Kotlin For Mobile Android (1) Linux Download (2) Marketing (5) Mobile (3) Mobile Courses (4) Mobile Marketing (4) MoneyGram (1) News (721) Node.js (5) Open Source (1) Photoshop (1) Protect Computer (1) Python (35) Python BeautifulSoup (1) Python For Data Science (2) Python PyQt (4) Python Reference (1) Python-Books (6) Python-DVD-Training (1) Python-Exercises (219) Python-Framework (1) Python-IDE (1) Python-Kivy-Framework (2) Python-Modules (1) Python-pdf (2) Python-pyQt (1) Référencement (2) Script PHP (2) Security (6) SEO (1) Snipping Tool: Faq (1) Social Networks (1) Source Code (1) Statistics With SPSS (2) Surveillance Software (1) Travail à domicile (6) Tutoriels php en vidéos (2) Tutoriels-MySql (6) tutoriels-php (19) Utilitaires (1) VPS (1) Web Hosting (1) Webcam (1) Webmarketing (11) Western Union (1) Windows 10 (1) Windows 7 (4) Windows 7 Faq (2) Windows 8 (1) Windows Accessories (1) Windows Download (8) Windows Drivers (1) Windows Fonts (1) Windows Power Shell (2) Windows Registry (2) Windows Security (18) Windows Software (2) Windows Spyware (2) Windows utilities (3) Windows Virus (2) Windows Vista (3) Windows Wireless (1) Windows xp (1) Wordpress (1)

Sample text

Sample Text

Blogger Templates