Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

15-year-old bug allows malicious code execution in all versions of Windows


  • Please log in to reply
3 replies to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,837 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:09:25 AM

Posted 10 February 2015 - 07:59 PM

The flaw, which took Microsoft more than 12 months to fix, affects all users who connect to business, corporate, or government networks using the Active Directory service. The database is built into Windows and acts as a combination traffic cop and security guard, granting specific privileges to authorized users and mapping where on a local network various resources are available. The bug—which Microsoft classifies as MS15-011 and the researcher who first reported it calls Jasbug—allows attackers who are in a position to monitor traffic passing between the user and the Active Directory network to launch a man-in-the-middle exploit that executes malicious code on vulnerable machines.

"All computers and devices that are members of a corporate Active Directory may be at risk," warned a blog post published Tuesday by JAS Global Advisors, the firm that reported the bug to Microsoft in January 2014. "The vulnerability is remotely exploitable and may grant the attacker administrator-level privileges on the target machine/device. Roaming machines—Active Directory member devices that connect to corporate networks via the public Internet (possibly over a Virtual
15-year-old bug allows malicious code execution in all versions of Windows

BC AdBot (Login to Remove)

 


#2 rp88

rp88

  • Members
  • 3,082 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:25 PM

Posted 11 February 2015 - 12:04 PM

This hasn't been offered to me, it isn't listed in windows update and it isn't installed already. My system: windows 8, toshiba laptop. I don't know whether this vilnerability is one that can and will affect all users, or only those who are making particular types of connections to particular types of network. Being classified as a "remote code execution" type by microsfot the bug sounds pretty severe, so it would be helpful to know whether only some system types are vulnerable to this.
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#3 JohnnyJammer

JohnnyJammer

  • Members
  • 1,122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:08:25 AM

Posted 11 February 2015 - 09:34 PM

So this is just the same as token kidnapping? Old news been done hundreds of times :|.



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,075 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:25 PM

Posted 11 February 2015 - 10:13 PM

 

....affects all users who connect to business, corporate, or government networks using the Active Directory service...All computers and devices that are members of a corporate Active Directory may be at risk...


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users