Microsoft Examines New Vulnerability

The Technology Company, Microsoft, says that it is examining a new flaw in Windows. The issue highlighted a bug in the operating system's kernel driver.

As per the security experts, a successful abuse would let the criminals to insert their attack code in kernel mode, which would further allow them to infect the system either through malware or by stealing any information from the machine.

According to the reports, this issue was first raised by an Israeli researcher, Gil Dabah (a Tel Aviv Researcher) whose nickname is "arkon". He found that Windows kernel hosts a heap overflow flaw.

In addition, Secunia (a Denmark based Bug Tracker Company) has found the flaw in the "Win32k.sys" kernel mode device driver, the most important component of the Windows subsystem. The flaw could be abused using "GetClipboardData", an application programming interface (API) that recovers data from the Window clipboard.

Secunia further stated that the vulnerability existed in numerous versions of Windows comprising Windows Server 2008 SP2, Server 2003 R2, Vista, Windows 7, and XP SP3. The firm ranked the bug as "less critical," the firm's second least threat ranking.

The discovery of new flaw is not new to Microsoft. The company has issued 13 patches for Windows kernel flaws this year (2010). For instance, in June 2010, MS10-032 included patches for three flaws in Win32k.sys; it had fixed eight bugs with MS10-021 in April 2010; and fixed two flaws MS10-015 in February 2010. Majority of those bugs were ranked as "important," Microsoft's second-highest ranking.

Tavis Ormandy (Information Security Engineer at Google), who experienced digging up kernel bugs, said that the latest was business as always. He further stated that there had been more than a few days this year (2010) that Microsoft hadn't been vulnerable to public kernel flaws, as reported by PC ADVISOR on August 9, 2010. Ormandy informed Microsoft about three of this year's kernel flaws.

The security experts recommend users that they should be alert of the flaw reported. As these flaws infect the users PC's with malicious software, users should install an updated and efficient security software like firewall and anti-malware programs to stay safe against these threats.

Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails

» SPAMfighter News - 8/16/2010