Microsoft Patches 19 year-old Bug

Microsoft has patched a critical bug in its software that has existed for 19 years.

The flaw was discovered by IBM researchers in May this year, and the firm worked with Microsoft to fix the problem before it went public.

IBM said the bug had been present in every version of Windows since 95 and users are being urged to download updates.

Microsoft addressed the problem in its monthly security update, releasing 14 patches, with two more expected to be rolled out soon.

The vulnerability has been graded as a 9.3 out of a possible 10 on the Common Vulnerability Scoring System (CVSS), which is a measure of severity in computer security.

The bug also exists in Microsoft's Windows Server Platforms - which puts the security of websites that handle encrypted data at risk.

Security experts have compared this flaw to other significant problems that had come to light this year, such as the Heartbleed flaw bug.

The experts believe that while the impact could be just as significant, it might be more difficult for attackers to exploit.

There has been no evidence that the bug has been exploited "in the wild"; however, now that it is out in the public and patches have been made, experts think it is likely that out of date machines will come under attack.

Researchers believe the bug would have been worth more than six figures, if it had been sold to criminal hackers.

print this article

Return to internet news headlines
View Internet News Archive

Share with: