Every version of Windows hit by "critical" security flaw


tomm

Microsoft has patched a security vulnerability found in every supported version of Windows, which if exploited could allow an attacker to take over a system.

 

The software giant said in a bulletin posted Tuesday as part of its monthly release of security fixes that the "critical" flaw could let an attacker remotely install malware, which can be used to modify or delete data, or create new accounts with full user rights.

 

The "critical"-rated flaw affects Windows Vista and later -- including Windows Server 2008 and later.

 

Those who are logged in as an administrator, such as some home accounts and server users, are at the greatest risk.

 

An attacker could exploit the flaw by conducting a man-in-the-middle attack on a system or print server and injecting malicious code. That's possible because the print spooler service doesn't properly validate print drivers when installing a printer.

 

Nicolas Beauchesne, a security researcher at Vectra Networks, who was credited with finding the flaw, explained in a blog post how the flaw works.

 

"Normally, User Account Controls are in place to warn or prevent a user from installing a new driver. To make printing easier, an exception was created to avoid this control," he said. "So in the end, we have a mechanism that allows downloading executables from a shared drive, and run them as system on a workstation without generating any warning on the user side. From an attacker perspective, this is almost too good to be true, and of course we had to give it a try."

 

The end result was turning a printer into a "drive-by exploit kit," said Beauchesne, "where we can just wait for people to come get infected without any warning."

Microsoft said that a patch has corrected the issue, and is available for download through the usual Windows Update channels.

 

Source

For a minute I thought he had found the flaw I talked about months ago in Windows 10, but it isn't and the latest release (14388) still has it.  


The flaw in Windows three point one? Did you personally find this flaw or did someone you work with find it? If you or someone you work with truly did find a flaw that's in Windows ten that's also in Windows three point one, giving it to Microsoft for free is stupid. I would report it: report that you have it, don't tell them where it is unless they decide to pay you money for it.


Archived

This topic is now archived and is closed to further replies.
