Microsoft Patching 17-year-old Windows/DOS Bug
A patch is on the way to fix up that ancient Virtual DOS Machine flaw.
Last month we reported that Tavis Ormandy, a security researcher at Google, discovered a security flaw in the Virtual DOS Machine that can allow a nefarious user to inject code into the kernel and possibly install malware.
The flaw spanned iterations of Windows operating system over the last 17 years, including:
- Windows 2000
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
According to the BBC, Microsoft will be rolling out a fix to this bug in a February Security Update. The update will fix five vulnerabilities that allow attackers to hijack a Windows PC and run their own programs on it.
The patch is expected to hit on Tuesday, February 9 but it's a good idea to have automatic updates turned on so that your OS will do the checking for you.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
-
N.Broekhuijsen oh but I though windows 7 was entirely rewritten from scratch......Reply
sons of b***es been lying to us AGAIN!!!
-
N.Broekhuijsen I dont mean to be crude but thats just how I feel now. I feel cheated on by MICROSOFT.Reply
then again, im sure we all do :P -
Shadow703793 Hmm... you mention Server 2008 but not Server 2008 R2 but yet you mention Vista and Win 7?Reply
========
One more thing: This ONLY affects 32 bit Windows Versions!
See: http://www.microsoft.com/technet/security/advisory/979682.mspx=======
Affected Software
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows Server 2003 Service Pack 2
Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2*
Windows 7 for 32-bit Systems
Non-Affected Software
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for Itanium-based Systems