Microsoft has fixed a problem that could cause severe issues for a Windows system, because it could let an attacker seize control of a Windows box. The bug was in Microsoft's malware engine, which is included in the anti-virus solution offered with the operating system. Fixing this bug is a stepping stone for attackers who now try to enter a Windows system.
On Wednesday, users who rely on Microsoft's security solutions received an update for the Microsoft Malware Protection Engine. The update was installed automatically for those who have this service installed and running on their systems. The vulnerability addressed by this update could have given full control of a Windows system to someone who neither had nor ever requested the owner's permission to use it. In other words, attackers who had first entered your computer through other vulnerabilities could then use this one to gain full administrative control over your tasks and system.
Cesar Cerrudo, the CEO of the security research company Argeniss, said in an instant message, as reported by Computer World, that he disclosed the bug to Microsoft at a conference held last year in July. It was disclosed publicly at the Black Hat conference, where security issues were discussed. According to him, this bug did not present a major risk, because the attacker already had to be in your computer, having entered through other vulnerabilities the Microsoft system might have. But these systems have greatly improved their security measures in recent years, and normally no hacker could find a way into a well-protected Microsoft system.
So, to take advantage of this vulnerability, the hacker first had to enter the system and gain a bit of control, and only then use the bug, which Microsoft fixed in recent days, to gain total control of the system. This is a bit sci-fi, because if someone else is using your computer, you will see it when you run your programs and apps, and you will immediately run the anti-virus to find the problem or take the computer to a specialist, so the hacker won’t have enough time to search your hard drive and find what he wants.
Obviously, this vulnerability could be exploited remotely. No hacker will enter your computer in any way other than remotely, but to do that, the attacker first had to upload executable code to IIS, which is a long process. The risk could be bigger for those who upload Web pages to the Internet and therefore use a server to do that. The problem doesn’t come from the FTP program you use, but from the simple fact that you use a program that allows full access to your hard drive while you transfer files from your computer to that server. Microsoft said that this issue was important and that they are glad it is now solved.


