Email
Password
Remember meForgot password?
    Log in with Twitter

article imageWarning issued about Windows XP bug

By Tim Sandle     Dec 2, 2013 in Technology
Microsoft has issued a warning about a bug in Windows XP. The flaw could let attackers take over a computer, and evidence suggests the weakness is being exploited by cyber-criminals.
The vulnerability exists in Windows XP and Server 2003, according to TechWorld. The weakness in Windows XP is that it allows a would-be attacker to piggyback on a known flaw in some older versions of Adobe Reader. Through Adobe, attackers are able to "escalate" the access they were granted to the system to eventually allow them to install their own malicious code.
The weakness was spotted by the Internet security firm FireEye. On spotting the flaw, FireEye issued a statement, which runs:
"FireEye Labs has identified a new Windows local privilege escalation vulnerability in the wild. The vulnerability cannot be used for remote code execution but could allow a standard user account to execute code in the kernel. Currently, the exploit appears to only work in Windows XP.
This local privilege escalation vulnerability is used in-the-wild in conjunction with an Adobe Reader exploit that appears to target a patched vulnerability. The exploit targets Adobe Reader 9.5.4, 10.1.6, 11.0.02 and prior on Windows XP SP3. Those running the latest versions of Adobe Reader should not be affected by this exploit.
Post exploitation, the shellcode decodes a PE payload from the PDF, drops it in the temporary directory, and executes it."
Microsoft has issued a temporary workaround that closes the loophole, and users of Windows XP are strongly advised to download the patch. However, it should be noted that applying the fix could break some Windows functions.
Although Windows XP has been superseded by versions 7 and 8 of the operating system, it is still widely used around the world. PC World reports that Microsoft are set to end support for Windows XP in April 2014.
More about Windows, Microsoft, Windows xp, Adobe
More news from
Latest News
Top News