Microsoft just issued a critical patch to fix a 15-year-old vulnerability that could be exploited by hackers to remotely hijack users’ PCs running all supported versions of Windows operating system.
The critical vulnerability — named "JASBUG" by the researcher who reported the flaw — is due to a flaw in the fundamental design of Windows that took Microsoft more than 12 months to release a fix. However, the flaw is still unpatched in Windows Server 2003, leaving the version wide open to the hackers for the remaining five months.
HACKERS CAN EASILY HIJACK YOUR WINDOWS MACHINE
The vulnerability (CVE-2015-0008) could allow an attacker to easily hijack a domain-configured Windows system if it is connected to a malicious network – wirelessly or wired, giving attacker consent to do various tasks including, to go forth and install programs; delete, alter or peruse users' data; or to create new accounts with full user rights.
However, Jasbug vulnerability do not affects home users because they are not usually domain-configured, but the bug is a massive discomfort for IT pros who typically connect to business, corporate, or government networks using the Active Directory service.
The vulnerability, classified as MS15-011, allows hackers who are in a position to monitor traffic passing between the user and the Active Directory network to launch a Man-in-the-Middle (MitM) attack in order to execute malicious code on vulnerable systems.
Source: thehackernews.com
No comments:
Post a Comment