Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

New Zero-Day Windows 8.1 Vulnerability


  • Please log in to reply
7 replies to this topic

#1 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,272 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:59 PM

Posted 03 January 2015 - 05:51 PM

New Zero-Day Windows 8.1 Vulnerability
 

A Google security researcher, 'James Forshaw' has discovered a privilege escalation vulnerability in Windows 8.1 that could allow a hacker to modify contents or even to take over victims' computers completely, leaving millions of users vulnerable...A Microsoft spokesperson confirms the vulnerability and says that it’s already working on a fix

 

 


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

BC AdBot (Login to Remove)

 


#2 JohnnyJammer

JohnnyJammer

  • Members
  • 1,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:05:59 AM

Posted 03 January 2015 - 06:24 PM

This will be the first of many of the year 2015 LOL.



#3 rp88

rp88

  • Members
  • 2,980 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:59 PM

Posted 04 January 2015 - 11:59 AM

Microsoft knew about this months ago, google warned them as soon as the bug was discovered. It's only become public now because microsoft did nothing about it in the 90 day period google had agreed they would keep quiet for.


Does this affect 8.0 and 8.1 or JUST 8.1?

Edited by rp88, 04 January 2015 - 09:00 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:59 PM

Posted 04 January 2015 - 01:54 PM

... because m$ did nothing about it in the 90 day period google had agreed they would keep quiet for.
 

 

Where did you get that info?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#5 rp88

rp88

  • Members
  • 2,980 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:59 PM

Posted 04 January 2015 - 02:55 PM

"where did you get that info"

Most of the other sites which have reported this, and the original release from google. It was formatted like a thread of comments the first one ,the one about the bug, dated in september at some point, then the next one was an automated post stating that the thread became visible after a 90 day period after publication. And then a load of comments by people saying what thye thought of the release.

Edited by rp88, 04 January 2015 - 09:01 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:59 PM

Posted 04 January 2015 - 03:31 PM

I don't consider the comments on that Google page (google-security-research) as a reliable source of information that Microsoft did nothing in 90 days.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#7 quietman7

quietman7

    Bleepin' Janitor

  • Topic Starter

  • Global Moderator
  • 51,272 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:59 PM

Posted 04 January 2015 - 06:47 PM

Most likely comments from folks expressing their opinion in regards to Microsoft without any factual basis.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:59 PM

Posted 05 January 2015 - 03:56 AM

Exactly quietman7!

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users