Microsoft Windows has been caught in an onslaught of security issues.
Almost 40 different Windows apps consist of the same flaw that can be used by potential attackers to breach system security.
Security researchers at Symantec and various other firms believe that despite of Microsoft’s “patch” the bug still exists. It is the same bug that was there in Apple iTunes, about 4 months ago. However, Apple was smart enough to get rid of it once and for all – only for Mac users though.
In order to protect the identity of those developers at Microsoft, security companies have not revealed any names. But they said that the company will need to release 40 different patches for those applications because all of them act in a different manner. Each affected program will have to be patched distinctively.
Bloggers have been tweeting about those bugs for weeks now. One of them wrote:
“Looks like the cat is out of the bag – the issue that effected Windows shell and several different applications is still there.”
Details reveal that users can be conned into downloading programs through common platform for windows, such as “iTunes”. After tricking a victim into downloading a prefect application, the attacker is able to access those PCs and check in on any sensitive information with ease and comfort.
So far Microsoft didn’t comment on this issue. We all know that Microsoft doesn’t allow third parties to release patches for Windows, so we’re gonna have to wait until something is released officially by the company.
More informations concerning the vulnerability will be released by Rapid7 later this week. Moreover, an exploit module is already ready for Metasploit, but it has not been rolled out.
