منتديات عميد التعريب  

العودة   منتديات عميد التعريب > >

الملاحظات

شؤون المستقبل English News شؤون تكنولوجيا المستقبل باللغة الإنجليزية World English Technology News



إضافة رد
 
أدوات الموضوع انواع عرض الموضوع

قديم 2018-08-29, 12:42   رقم المشاركة :1
معلومات العضو
عميد
Windows 10 zero-day security hole gets publicly outed
إحصائية العضو





معدل تقييم المستوى: 11
qaz is on a distinguished road
المنتدى : شؤون المستقبل English News
Wink Windows 10 zero-day security hole gets publicly outed


منتديات عميد التعريب - المصدر الأول لتعريب البرامج و التطبيقات للعالم العربي


A zero-day vulnerability in Windows 10 has just been made public, and it’s a hole that could potentially be exploited to take control of your PC.

The security flaw was revealed by Twitter user SandboxEscaper in controversial fashion – more on that later – and it’s a privilege escalation bug (with a proof of concept provided).

CERT/CC (the US cybersecurity organization which looks to counter emerging threats) has confirmed that this vulnerability can be leveraged against a 64-bit Windows 10 PC which has been fully patched up to date, as The Register reports.

It offers a route to gain local privilege escalation, as mentioned, meaning a malicious party could hijack the PC, but the good news – such as it is – is that it’s a local bug, so the attacker would have to be already logged into the PC to exploit it, or be running code on the machine.

However, the latter means there’s the potential avenue of getting a user to download a malicious app, and infecting the PC that way, of course. So this isn’t something that should fly under your radar – as ever, be careful what you download, and where you download it from.

Colorful revelation

SandboxEscaper revealed the bug using, shall we say, colorful language, so we won’t reproduce the tweet here, but assuming you’re not offended by profanity, you can
.

Suffice it to say it seems that someone got frustrated with Microsoft’s procedures for submitting bugs and vulnerabilities, and decided just to go ahead and publicly out the vulnerability instead. SandboxEscaper now seems to regret her actions, though, as she subsequently tweeted: “I screwed up, not MSFT (they are actually a cool company). Depression sucks.”

On its part, Microsoft has declared that it will “proactively update impacted devices as soon as possible”, so that means a patch is doubtless in the works, although the software giant hasn’t deemed it necessary to release any kind of emergency fix for this issue. We can probably expect the cure for the flaw to arrive in next month’s round of security updates.

Meanwhile, in other security-related news, last week Microsoft deployed a fresh batch of Intel’s microcode updates for Windows 10 which defend against the recently discovered Foreshadow vulnerability (and further variants of Spectre).

منتديات عميد التعريب - المصدر الأول لتعريب البرامج و التطبيقات للعالم العربي


Windows 10 zero-day security hole gets publicly outed windows zeroday





qaz غير متواجد حالياً   رد مع اقتباس
إضافة رد

مواقع النشر (المفضلة)

الكلمات الدلالية (Tags)
10, hole, outed, publicly, security, windows, zero-day, zeroday

أدوات الموضوع
انواع عرض الموضوع

تعليمات المشاركة
لا تستطيع إضافة مواضيع جديدة
لا تستطيع الرد على المواضيع
لا تستطيع إرفاق ملفات
لا تستطيع تعديل مشاركاتك

BB code is متاحة
كود [IMG] متاحة
كود HTML متاحة

الانتقال السريع


الساعة الآن 07:30

جميع المشاركات المكتوبة تعبّر عن وجهة نظر صاحبها .. ولا تعبر عن وجهة نظر إدارة المنتدى بأي شكل من الأشكال



تـبـرع
تبرع .
تودع التبرعات في احد الحسابات التالية
اسم البنك
رقم الحساب من داخل و خارج المملكة العربية السعودية
بنك الراجحي
IBAN - SA2880000141608010128882
بنك ساب SABB SA2945000000034035907001



Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2018, vBulletin Solutions Inc.
Search Engine Optimisation provided by DragonByte SEO v2.0.42 (Pro) - vBulletin Mods & Addons Copyright © 2018 DragonByte Technologies Ltd.
جميع الحقوق محفوظة لموقع منتديات عميد التعريب 2010 - 2018 ©