• Cimpanu: Microsoft fixes security breach in Win10, but doesn’t fix the same hole in Win7 or 8.1

    Posted on October 6, 2017 at 14:57 CDT by Comment in the Forums

    Once again, Catalin Cimpanu at BleepingComputer dropped a bomb. Referring to Mateusz Jurczyk’s investigation at Project Zero, he points out that a security hole patched in Win10 but not patched in Win7 or 8.1 gives rise to a situation where a simple tool – binary diffing – can disclose the nature of the security problem.

    As soon as Microsoft releases an update, attackers could patch and binary diff the Windows 7, 8.1, and 10 updates and look for inconsistent patches that may yield new bugs.

    Not to worry. These specific Win7 and 8.1 security holes were patched last month.

    UPDATE: Martin Brinkmann has posted a very accessible summary on ghacks.

    Windows Patches/Security
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    May 2025
    S M T W T F S
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.