Researchers say they have found severe Windows vulnerability - over 500 million PCs may be exposed

Microsoft | Mar 12, 2018 | Master3395

Researchers say they have found severe Windows vulnerability - over 500 million PCs may be exposed

Microsoft is investigating the matter.

Researchers at Padua University in Italy say they have discovered a design weakness in the Control Flow Guard (CFG) - a security layer in Windows 8.1 and 10. The Italian researchers call the vulnerability of "Back to the Epilogue" (BATE).

- Design error
CFG was first released with Windows 8.1 Update 3 and is also part of Windows 10, preventing, among other things, attackers from running code in any area of ​​the system.

University researchers say that, in an effort to improve performance and make CFG backward compatible, Microsoft has made several design errors, which means they are able to cross the security team.

According to reports, which can be read in its entirety here, more than 500 million PCs are exposed to attacks. The research team plans to demonstrate BATE weakness - using the Edge browser in Windows 10 - during the Black Hat Asia Conference, which will be released later this month.

Examining the case
Microsoft states in a statement that it investigates the findings of the researchers. Andrea Biondo, one of the researchers, says that as far as they know, Microsoft will close this gap in the RS4 update. That is, the wet update is expected in a short period of time.

Keywords: Microsoft, security, windows10

Sources: Dark Reading

Author: Master3395


comments powered by Disqus

Page 1 of 344  >  >>

Microsoft has cleared up the Media Player failure


Dec 17, 2018 | Category: Microsoft | Comments

You can download the update now.

You may remember the big rash that has occurred when the October 10 update to Windows 10 broke Windows Media Player, and Microsoft has later promised an update to fix it around mid-December.

read more…

Facebook's headquarters evacuated


Dec 16, 2018 | Category: General | Comments

Received a bomb threat.

American police have gone to the street where both Facebook and the subsidiary Instagram have their headquarters after an anonymous tip came to the New York police.

read more…

Encrypted Messaging Apps Vulnerable To Side-Channel Attacks Including WhatsApp, Telegram, and Signal!


Dec 15, 2018 | Category: IT | Comments

WhatsApp, Signal, and Telegram have all been around for a while. Though a lot of instant messaging apps were already available, people have quickly switched to these encrypted messaging apps in an attempt to secure their conversations from snoopers. While things looked good with regards to encryption, a recent study by Cisco Talos has revealed some shocking facts. Allegedly, most of these popular, supposedly secure IM apps are vulnerable to side-channel attacks.

read more…

Page 1 of 344  >  >>