Microsoft patches Windows zero-day today

Microsoft Corp. will patch today, a flaw in Windows that affects all editions of the operating systems ranging from the 12-year-old XP to the just released Windows 8.1.

Security researchers who discovered the bug said that the vulnerability has been used by attackers in a “watering hole” campaign which was launched from a Web site based in the United States which focuses on domestic and international security policy.

A watering hole attack typically involve involves cyber criminals compromising a Web site frequently visited by their targets. The attackers plant a malware in the site and wait for users to browse the site.

Darien Kindlund, manager of threat intelligence at security firm FireEye, eye said the Windows bug was exploited through Internet Explorer 7, IE8, IE9 and IE10. He said the attack was seen in the wild against computers running either Windows XP or Windows 7.

He said the attack was unusual in the sense that it left no trace on the target computer’s hard disk drive. Hackers loaded an attack code directly into the memory of the machine. Because the malware payload was non-persistent, it disappeared when the PC was restarted. Restarting a PC wipes the machine’s system memory clean.

Read the whole story here


Nestor E. Arellano
Nestor E. Arellano
Toronto-based journalist specializing in technology and business news. Blogs and tweets on the latest tech trends and gadgets.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web