Microsoft Reveals 17-Year-Old Bug in Windows

By on Jan 21st, 2010 at 11:31PM

We’re not sure how anyone at Microsoft missed this, but a bug in the Windows Virtual DOS Machine (VDM), which handles legacy 16-bit programs, was found and has apparently gone unnoticed for 17 years. VDM was first implemented in a July 1993 update of Windows NT and has since been included with all 32-bit Windows operating systems, including Windows 7. Microsoft says that if a hacker exploited this vulnerability, they “could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

Microsoft hasn’t released any kind of fix yet and we don’t know when they will, but one Google engineer who found the bug, Tavis Ormandy, said there’s a quick workaround: edit group policies to block 16-bit applications from running.

via [ComputerWorld]

Post to Twitter Post to Digg Post to Facebook

Posted in News, Software | 1 Comment

One Comment to “Microsoft Reveals 17-Year-Old Bug in Windows”
  1. Jan 22nd, 2010 at 3:54 AM#1Lamilia

    Yes that’s nice. Tell everyone about a security bug before it’s fixed.

    [Reply]

Leave a Comment Below

Back to Top