Cyber attacks and threats to modern devices caused by viruses in a world full of computing are not unusual and often encounter serious cases that can affect many devices. Slovakia's ESET has now managed to capture a serious threat that has already been abused in practice, according to a portal Lupa.cz. An error in Windows 7 caused the attacker to obtain system permissions while controlling the device because there were no patches for win32k.sys.
Although Windows 7 for some users only looks in the distant past when it was used on their computers, it's still among us and will not go. jo statistics Net MarketShare has a 38% share of operating systems for desktops, although it has recently overtaken the new Windows 10 with more than 40%.
Microsoft does not count on Windows 7 exits January next year.
Windows 7 was threatened with serious vulnerability
But before that he had to solve the security problem, also called the "zero day" of vulnerability reported ESET on its website on July 10th. Microsoft has already released a new fix for this bug, but by that time attackers attacked it in eastern Europe.
The key issue was that an attacker, when you open a common application without repair win32k.sys, obtains permissions that allow him to control the entire computer, confirmed for the Lupa.cz technical director of the Czech subsidiary ESET.
Do not miss this
Microsoft explains: Why does Windows 10 need a lot more gigabytes after installation?
List of endangered versions of Windows 7 and Windows 2008:
- 32-bit Windows 7 ServicePack 1 systems
- Windows 7 System Service Pack 1 for x64 systems
- 32-bit Windows Server 2008 ServicePack 2 systems
- System server for Windows Server 2008 Itanium 2
- ServicePack 2 for Windows Server 2008 x64
- Itanium server systems based on Windows Server 2008 R2 ServicePack 1
- Windows Server 2008 R2 x64-based Systems ServicePack 1
Luckily, this error does not appear anymore in newer Windows 8 or Windows 10 operating systems, but it did not only endanger Windows 7, but also Windows Server 2008. It is expected that this vulnerability will also affect Windows XP and Windows Server 2003, but Microsoft has already removed these deficiencies from the supported list.
Windows 7 users can still talk about "luck" because after January 14, 2020, they will no longer receive additional security updates when the company officially discontinues support for this system.