Windows Might Have a Serious Bug

Windows systems have a new, serious bug. The bug, a proof-of concept code, can allow a remote attacker to take over Windows systems, warn security experts. Windows XP with Service Pack 2 installed can also be attacked by this bug. The exploit code, developed by ComputerTerrorism, takes advantage of an unpatched Explorer bug which was once considered harmless, Techworld reports.

Techworld reports the bug lures a user to a malicious website, or embeds malicious code in a trusted site. Because Microsoft hasn`t fixed the vulnerability, the only reliable protection for Explorer users is to disable Active Scripting, said security researchers. `Currently, the only way to protect against exploitation of this vulnerability is by disabling active scripting or by using another browser,` said Thomas Kristensen, chief technical officer of security firm, Secunia.

`Contrary to popular belief, the aforementioned security issue is susceptible to remote, arbitrary code execution, yielding full system access with the privileges of the underlying user,` ComputerTerrorism said in an advisory. Previously, the bug was thought to only allow attackers to crash a target system.

                                 

Related News: