{"id":2827,"date":"2017-05-08T19:35:37","date_gmt":"2017-05-08T17:35:37","guid":{"rendered":"http:\/\/borncity.com\/win\/?p=2827"},"modified":"2022-11-04T11:54:16","modified_gmt":"2022-11-04T10:54:16","slug":"windows-has-a-critical-wormable-vulnerability","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2017\/05\/08\/windows-has-a-critical-wormable-vulnerability\/","title":{"rendered":"Windows has a critical wormable vulnerability"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"http:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2013\/03\/winb.jpg\" width=\"58\" align=\"left\" height=\"58\">[<a href=\"http:\/\/www.borncity.com\/blog\/2017\/05\/08\/neue-kritische-windows-lcke-entdeckt\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]It's a bit cryptic, what Google security experts Natalie Silvanovich and Tavis Ormandy from project Zero just revealed. They claim, they has discovered the 'worst Windows remote code exec in recent memory'. Update: Microsoft issued a fix for this vulnerability in Malware Protection Engine.<\/p>\n<p><!--more--><\/p>\n<p>Tavis Ormandy posted last Saturday a Tweet mention this security hole in standard Windows installs. <\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"de\">\n<p lang=\"en\" dir=\"ltr\">I think <a href=\"https:\/\/twitter.com\/natashenka\">@natashenka<\/a> and I just discovered the worst Windows remote code exec in recent memory. This is crazy bad. Report on the way. <\/p>\n<p>\u2014 Tavis Ormandy (@taviso) <a href=\"https:\/\/twitter.com\/taviso\/status\/860679110728622080\">6. Mai 2017<\/a><\/p><\/blockquote>\n<p><script async src=\"\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script> <\/p>\n<p>Currently no details about the affected Windows component are released. Tavis wrote, that attacker don't need to be in the same network of the victim (so I guess remote access via Internet will be possible). The exploit works on standard Windows \u2013 no further software are required. The attack is wormable (can self-replicate). Let's hope, Microsoft releases a fix tomorrow (May 9, 2017) on patchday. (<a href=\"https:\/\/web.archive.org\/web\/20220928191722\/https:\/\/www.bleepingcomputer.com\/news\/security\/google-researchers-find-wormable-crazy-bad-windows-exploit\/\" target=\"_blank\" rel=\"noopener\">via<\/a>)  <\/p>\n<p>Microsoft has issued a fix for this vulnerability in Malware Protection Engine. Further details may be found within my blog post <a href=\"https:\/\/borncity.com\/win\/2017\/05\/09\/microsoft-fixes-critical-malware-protection-engine-vulnerability\/\">Microsoft fixes critical Malware Protection Engine vulnerability<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]It's a bit cryptic, what Google security experts Natalie Silvanovich and Tavis Ormandy from project Zero just revealed. They claim, they has discovered the 'worst Windows remote code exec in recent memory'. Update: Microsoft issued a fix for this vulnerability &hellip; <a href=\"https:\/\/borncity.com\/win\/2017\/05\/08\/windows-has-a-critical-wormable-vulnerability\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,2],"tags":[69,194],"class_list":["post-2827","post","type-post","status-publish","format-standard","hentry","category-security","category-windows","tag-security","tag-windows"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/2827","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=2827"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/2827\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=2827"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=2827"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=2827"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}