Rumor: Microsoft might share information on extremely critical vulnerability later today
Click here to post a comment for Rumor: Microsoft might share information on extremely critical vulnerability later today on our message forum
Evildead666
Could it have something to do with Windows 7 ?
now its officially EOL, maybe they'll admit there's a huge gaping hole, that they won't be closing, or can't close.....
Hilbert Hagedoorn
Administrator
Nah, it coincides with patch Tuesday and the EOL of Windows 7 was already planned years ago. If it is as bad as this sounds, then MS will certainly push another patch update for W7.
asturur
Also because if is really 20 years old hole... They do not want to be responsible for open doors in a still large population of computers.
schmidtbag
@Will Dormann
I get the impression that MS developers should pay closer attention to how they implement security. I don't know... just call it the bare minimum?
geogan
Rich_Guy
As long as they fix it :P
Texter
Yeah as long as they fix it without breaking something else;)
Rich_Guy
SamuelL421
Crazy Joe
Any idea when the patches for Patch Tuesday are supposed to drop? For me this Tuesday is already 2/3's over!
Rich_Guy
Here in the UK, its 6pm.
Hilbert Hagedoorn
Administrator
Yxskaft
Kaarme
It would not do any good for Microsoft not to release extremely significant security patches for Win7 even a while after the supporting ending deadline. MS itself relies on the web a lot, so botnets are their enemy as well. Not to mention it'd bad for their PR if this became a real plague due to not patching it. If news sites report there's a hundred thousand PC Win7 botnet that MS could have prevented with a simple patch, yet refused to, what would people think? Well, Linux people would snicker.
barbacot
Cryptography...hmmm...
I will leave my wife's computer without patch - maybe someone will steal the parts of her identity that annoy me...
Gomez Addams
"According to Krebs On Security, Microsoft is about to release an extremely critical vulnerability in Windows."
I seriously doubt that is really what they are going to release.
JonasBeckman
Well they do want people to use the newest build so maybe that'd do it...
What will they fix though the ease of which one bypasses the activation requirements? 😛
(Well it's probably quite important but I guess we'll get some details in a hour or so when the update is actually out.)
EDIT: Sides they've been handing out free system upgrades for users on W7 way after the initial time period for that was out so yeah it's probably something quite important then.
Now what is it and what will it do to overall system performance. 😀
(Eh it's probably not too bad in that regard.)
Hmm wonder if that means the current 19500 build is already using that fix, 19000 20H1 hasn't been updated since December and might be vulnerable still.
Guess a .xxx update for current 19000 build would also confirm it's kinda probably going to be the RTM build instead of issuing a full new build.
And whatever else for 19H2 and earlier this cumulative will fix up.
Rich_Guy
and were patched! 😀
bemaniac
whole bunch of new stuff just came down the pipe
BetA
there you go....
https://kb.cert.org/vuls/id/849224/
The NSA did found this one.. just on a side note.. (im pretty shure they even used it)
Updated from Krebs
https://krebsonsecurity.com/2020/01/cryptic-rumblings-ahead-of-first-2020-patch-tuesday/
-- This issue was disclosed by Microsoft, who in turn credit the National Security Agency (NSA).
Full CERT Report: