Two new wide-spread and far-reaching security flaws have been identified in Windows. And not content to just identify the flaws, the Chinese “security” (and Aunty uses the term advisedly) firm, VenusTech, has also posted the code necessary to exploit the flaws. That story was picked up and posted by the Chinese security forum, Xfocus Team.

Gee, guys, thanks.

According to CNet news, one of the vulnarabilities, the Window’s “LoadImage” function, “could enable an attacker to compromise a victim’s PC when the computer displays a specially crafted image placed on a Web site or in an e-mail”. Whee!

The other exploitable flaw is in, of all things, the Windows Help program (ironic, eh ?), and can affect any program which calls up Help.

No comment from Microsoft was available at the time of the story breaking, and of course most of corporate America is on skeleton crew because of the holidays.

Merry Christmas.

Get New Internet Patrol Articles by Email!

We respect your email privacy | Powered by AWeber Email Marketing

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us

Venmo us

Paypal us

 

More from the Internet Patrol:

Encryption: Why It Matters to You, Even If You Think You Have 'Nothing to Hide

Amazon Ring Doorbell Footage Shared With Police Without User Consent

Use or Applied to T-Mobile? Your Data May be Compromised by the Experian Hack

AI Under Scrutiny: US Government to Monitor Foundation Model Developments

Saks Fifth Avenue, Lord and Taylor, Reveal 9 Month Long Credit Card Data Breach

About the Jeep Hack and Hackers Hacking Cars and What to Do About It

If You Get the "Complete Required Actions" Email from GoDaddy Do NOT Open It!

LastPass Hack Update: Customer Information Accessed

Share the knowledge