Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
ASUS ROG Radeon RX 6750 XT STRIX review
AMD FidelityFX Super Resolution 2.0 - preview
Sapphire Radeon RX 6650 XT Nitro+ review
Sapphire Radeon RX 6950 XT Sapphire Nitro+ Pure review
Sapphire Radeon RX 6750 XT Nitro+ review
MSI Radeon RX 6950 XT Gaming X TRIO review
MSI Radeon RX 6750 XT Gaming X TRIO review
MSI Radeon RX 6650 XT Gaming X review
Deepcool AS500 PLUS CPU Cooler Review
Kioxia Exceria Pro 2 TB M.2 NVMe SSD Review

New Downloads
Intel ARC graphics Driver Download Version: 30.0.101.1732
HWiNFO Download v7.24
GeForce 512.77 WHQL driver download
Intel HD graphics Driver Download Version: 30.0.101.1960
AMD Radeon Software Adrenalin 22.5.1 WHQL driver download
3DMark Download v2.22.7359 + Time Spy
Prime95 download version 30.8 build 15
AIDA64 Download Version 6.70
PCMark 10 Download v2.1.2556
GPU-Z Download v2.46.0


New Forum Topics
Nvidia shows signs ... Info Zone - gEngines, Ray Tracing, DLSS, DLAA, TSR, FSR, XeSS, DLDSR etc. [3rd-Party Driver] Amernime Zone Radeon Insight 22.4.1 WHQL Driver Pack (P/V/N 22.5.1 ...) The AMD Ryzen All In One Thread /Overclocking/Memory Speeds & Timings/Tweaking/Cooling Part 2 DRiVe-X racing simulator costs just over 20000 USD MSI releases 15.6-inch full HD gaming notebook with GeForce RTX 3050 at 750 USD Leak: AMD EPYC Processors Genoa-X, New SP6 Socket, and 160 PCIe Lanes ASRock releases DDR5 memory compatible model Z690 Steel Legend series EK Announces Quantum CPU Water Blocks with Walnut Wood Tops Sony WH-1000XM5 wireless headphones get the latest noise canceling technology




Guru3D.com » News » Microsoft Patches the "Crazy Bad" Windows Vulnerability

Microsoft Patches the "Crazy Bad" Windows Vulnerability

by Hilbert Hagedoorn on: 05/09/2017 04:10 PM | source: | 14 comment(s)
Microsoft Patches the

Earlier today we reported that Google Project Zero researchers found a ‘crazy bad’ Windows flaw. Microsoft apparantly took it very serious, as it likely was one of the biggest exploits ever. Right now they are patching Windows. The flaw is inside Windows Defender.

Microsoft's speed in issuing an automatic patch is impressive for a change. The vulnerability in Windows that could allow people to run malicious  unauthorized code. The vulnerability located in the malware protection software of Windows, Defender. The vulnerability was discovered by two Google Project Zero employees. They called the vulnerability the worst in a long time, because the vunerability was in the Microsoft's Malware Protection Engine, the software used as the basis for various Windows security programs, including Windows Defender.

Tavis Ormandy, one of the Google Project Zero researchers who discovered the flaw, warned exploits were "wormable," meaning they could lead to a self-replicating chain of attacks that moved from vulnerable machine to vulnerable machine.

Windows Defender has far-reaching access to the files and processes on your computer. Unauthorized code could be executed via the vulnerability, without the user even having to open say an infected email attachment. Microsoft's malware protection automatically scans all files on the hard disk, including temporary files, which means that receiving an email or viewing a web page would already be enough to infect a computer.

Therefore, Google's security staff were concerned about vulnerability because they could be remotely run and also very easily distributed. This Vulnerability is located in Windows 7, 8, 8.1, RT, 10, and in various business versions of the operating system. The update that Microsoft has released today corrects the issue and will be automatically installed by all users of the affected versions within two days.







« Toshiba Demonstrates Latest 64-Layer BiCS NAND FLASH · Microsoft Patches the "Crazy Bad" Windows Vulnerability · NVIDIA Showcases Multi-Users VR System Concept »

Related Stories

Microsoft Surface-laptop costs 1149 euro (updated) - 05/02/2017 07:24 PM
Several renders and images have been spotted on the web showing an unannounced Microsoft Surface-laptop. A Microsoft insider posted the content on Twitter last night. The new laptop will get a 13.5&...

Microsoft Announces Windows 10 S To Take On Google Chromebook - 05/02/2017 04:43 PM
Microsoft has launched Windows 10 S. Windows 10 S is a version of the OS targeted at students of all ages that promises higher performance, better battery life, and tighter security....

Microsoft will separate Edge browser updates from the Windows 10 - 05/02/2017 08:18 AM
Microsoft is expected to unveil Windows 10 Cloud at its #MicrosoftEDU event. The new SKU of the OS will only run apps that are designed for the Windows Store, and it's meant to be a competitor to Chr...

Microsoft to release major Windows 10 updates twice a year - 04/21/2017 08:07 AM
Tick-tock, Microsoft has announced a twice-per-year feature update schedule for Windows 10 like the Creators update. These will now happen in March and November, each year....

Microsoft Explains Why They Did Not Go for Ryzen in Project Scorpio - 04/19/2017 08:21 AM
In a reply to Eurogamer, Microsoft explained as to why the company has not opted an AMD Ryzen CPU for their Project Scorpio. Basically they claim they can achieve their performance targets without Ry...


3 pages 1 2 3


PrMinisterGR
Senior Member



Posts: 7975
Joined: 2014-09-27

#5429869 Posted on: 05/09/2017 07:00 PM
Good thing then that I disable Windows Defender. :banana:


Such a good idea. At least all the rest of the non-exploitable software you have can now run free :infinity:

By the way this is a code execution while scanning flaw, that probably exists for a ton of other, worse made, AV.

RealNC
Senior Member



Posts: 3669
Joined: 2011-11-24

#5429897 Posted on: 05/09/2017 08:33 PM
Such a good idea. At least all the rest of the non-exploitable software you have can now run free :infinity:

Anyone remember the bitcoin miner in the ESEA client? :banana:

intellimoo
Senior Member



Posts: 332
Joined: 2004-08-29

#5429908 Posted on: 05/09/2017 08:58 PM
"Microsoft's speed in issuing an automatic patch is impressive for a change."

Guess they didn't want to get scroogled again when the findings would be released by google to hurt --err, inform everybody.

nevcairiel
Senior Member



Posts: 802
Joined: 2015-05-19

#5429929 Posted on: 05/09/2017 10:08 PM
It also occurred to me that since they say it dates back to Defender in Windows 7 that it seems to have possibly taken Google years to find this thing...Interesting.


Thats not entirely clear. Windows Defender in Windows 7 still gets updated, so it may have been caused by a change somewhere down the line, and not been present from day 1. Without testing a large variety of versions, its impossible to know - but also not all that interesting to spend much time on to find out.

David Lake
Senior Member



Posts: 745
Joined: 2008-03-03

#5429971 Posted on: 05/10/2017 12:19 AM
I remove the service and permanently delete the program files for Windows Offender.

3 pages 1 2 3


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2022