The AchieVer Posted March 8, 2019 Share Posted March 8, 2019 Google: Abandon Windows 7 and Upgrade to Windows 10 Right Now Google recommends Windows 7 users to upgrade to Windows 10 if possible, as a kernel vulnerability allows for local privilege escalation on the operating system. Clement Lecigne, Threat Analysis Group, explains that in late February, Google discovered two different security vulnerabilities, one in Google Chrome browser and another one in Windows. The Chrome bug has already been patched with the release of update 72.0.3626.121, but the Windows 7 security flaw is yet to be fixed. Microsoft says the vulnerability resides in the Windows win32k.sys kernel driver and it can be used as a security sandbox escape. Windows 10 doesn’t seem to be affected, Google says, as this operating system version comes with additional mitigations that make it possible to block exploits. “We strongly believe this vulnerability may only be exploitable on Windows 7 due to recent exploit mitigations added in newer versions of Windows. To date, we have only observed active exploitation against Windows 7 32-bit systems,” Lecigne notes.Upgrade to Windows 10 ASAPThe Google security researcher says the bug was reported to Microsoft and the software giant is working on a fix already. “In compliance with our policy, we are publicly disclosing its existence, because it is a serious vulnerability in Windows that we know was being actively exploited in targeted attacks. The unpatched Windows vulnerability can still be used to elevate privileges or combined with another browser vulnerability to evade security sandboxes,” the advisory notes. Until Microsoft delivers a fix, the only way to stay secure is to upgrade to Windows 10, Google says. When patches become available, users should install them as soon as possible on Windows 7. Launched in 2009, Windows 7 is projected to reach the end of support in January 2020, so home users and enterprises alike are now urged to upgrade to Windows 10 to continue receiving security updates. Source Link to comment Share on other sites More sharing options...
straycat19 Posted March 8, 2019 Share Posted March 8, 2019 Surely they jest. Get rid of a very stable, secure operating system for Microsoft's Beta Forever Windows 10 is ludicrous. The best thing that can happen to Windows 7 is that Microsoft will quit screwing around with it next year and I won't have to continually block their stupid updates. Link to comment Share on other sites More sharing options...
moopster Posted March 8, 2019 Share Posted March 8, 2019 Abandon all Hope Ye Who Enter Here Link to comment Share on other sites More sharing options...
funkyy Posted March 8, 2019 Share Posted March 8, 2019 32 minutes ago, moopster said: Abandon all Hope Ye Who Enter Here Abandon all hope Ye who believe a word Microsoft says in their latest scare-mongering tactic in another blatant attempt to push people to install Win 10 (BETA). I could understand a little if Win 10 (BETA) was a smooth running stable system without the disastrous patch Tuesdays that it has heaped on users....but until it is a smooth running stable system I'll pass thank you very much.😀😀😀 Link to comment Share on other sites More sharing options...
luisam Posted March 9, 2019 Share Posted March 9, 2019 20 hours ago, The AchieVer said: “We strongly believe this vulnerability may only be exploitable on Windows 7 due to recent exploit mitigations added in newer versions of Windows. To date, we have only observed active exploitation against Windows 7 32-bit systems,” OK, so what does this means in plain language? Actually, does it mean anything? In any case, if anything, it implies that Windows 7 64 bits is safe Link to comment Share on other sites More sharing options...
Karlston Posted March 9, 2019 Share Posted March 9, 2019 8 hours ago, luisam said: OK, so what does this means in plain language? Actually, does it mean anything? In any case, if anything, it implies that Windows 7 64 bits is safe From the article, only 32-bit Windows 7 is vulnerable right now, and then presumably only until Microsoft rolls out a patch. The implication is that 64-bit Windows 7 and all Windows 8, 8.1, and 10 versions are already protected. So despite Google's advice, upgrading to Windows 8.1 or to 64-bit Windows 7 are also options to avoid the vulnerability. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.