Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Windows XP Zero-Day Under Attack

Posted by Soulskill on from the escalation-of-stale-operating-system-attack dept.

wiredmikey writes "A new Windows kernel zero-day vulnerability is being exploited in targeted attacks against Windows XP users. Microsoft confirmed the issue and published a security advisory to acknowledge the flaw after anti-malware vendor FireEye warned that the Windows bug is being used in conjunction with an Adobe Reader exploit to infect Windows machines with malware. Microsoft described the issue as an elevation of privilege vulnerability that allows an attacker to run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights."

10 of 241 comments (clear)

  1. Re:Upate to the most current by dreamchaser · · Score: 5, Insightful

    Upgrading the OS would be wise as well, especially since we're fast coming to the point of end of support, April 8th 2014. Windows 7 and 8.x both improved security considerable, and there are other more secure options as well such as MacOS X and the other varies flavors of *nix such as Linux distributions.

  2. They Didn't save this? by cant_get_a_good_nick · · Score: 3, Insightful

    Hmm, a bug that gets admin rights.... If I were sufficiently evil I would have saved this until April when there's no chance of it being patched ever.

  3. Re:Upate to the most current by Joce640k · · Score: 1, Insightful

    Sure, Windows 7 fits on my EeePC. Not.

    I'm not even sure it would fit on my old HP laptop - that's only got a 30Gb hard disk in it. Windows 7 would overflow that in no time.

    (Yes, they're both used used almost every day...)

    Or I can upgrade all my perfectly-good hardware, right? Do they even make pocketable little 9" PCs any more?

    --
    No sig today...
  4. Re:Upate to the most current by Anonymous Coward · · Score: 5, Insightful

    Never have an adobe product installed in the first place - solved.

  5. Re: Upate to the most current by Anonymous Coward · · Score: 0, Insightful

    Or, they don't just want to spend the money...? These corporations are sitting on wads of cash.

    Remember, MBAs run these places. EVERYTHING is a "cost", the exception being their bonuses and "shareholder returns".

  6. Re:Ummm, why should it not? by Anonymous Coward · · Score: 2, Insightful

    Microsoft needs to decide whether they are going to let XP go public domain, as per contract on copyright, or to continue to support it.

    You have a hilariously mistaken idea of how copyrights work.

  7. Re:Upate to the most current by tepples · · Score: 5, Insightful

    Sure, Windows 7 fits on my EeePC. Not.

    Then do like I did: install an Xfce-based Linux distribution and run Windows applications in Wine. Should Microsoft follow through on the rumored complete deprecation of the desktop in Windows 9, you'll be ready. Or you can install a larger SSD in your Eee PC and max its RAM.

    Do they even make pocketable little 9" PCs any more?

    I too mourned the end of netbooks. Tablets sold with a keyboard, such as the ASUS Transformer Book, are probably the closest successor.

  8. Gosh.... by hazeii · · Score: 5, Insightful

    Oh, I see, a ramping-up of press releases about 'exploits' against XP prior to the cut-off date.

    Didn't see that coming.

    --
    All your ghosts are just false positives.
  9. Useless exploit, just gives admin to a local user. by ReekRend · · Score: 5, Insightful

    Per TFA, this exploit is dumb and unconcerning. It just lets a standard user perform admin operations, no remote exploit of any kind. There have always been many ways for a standard user to get admin on any OS, the most trivial being physical access.

  10. Re: Upate to the most current by Anonymous Coward · · Score: 5, Insightful

    Foxit is just as bloated as Adobe Reader.
    Sumatra PDF is what Foxit was before becoming bloatware.