Microsoft Security Advisory (2914486): Vulnerability in Microsoft Windows Kernel 0 day exploit in wild
Fireeye posted a story earlier today outlining a zero day affecting XP and Windows 2003:
http://www.fireeye.com/blog/technical/cyber-exploits/2013/11/ms-windows-local-privilege-escalation-zero-day-in-the-wild.html
Microsoft has followed it up with a matching post:
Microsoft Security Advisory (2914486): Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege:
https://technet.microsoft.com/en-us/security/advisory/2914486
Note that the temporary fix outlined breaks some windows features, specifically some IPSEC VPN functions.
The real story here isn't the zero day or the workaround fix, or even that Adobe is involved. The real story is that this zero day is just the tip of the iceberg. Malware authors today are sitting on their XP zero day vulnerabilities and attacks, because they know that after the last set of hotfixes for XP is released in April 2014 (which we're now officially calling "WinMageddon"), that their exploits will work forever against hundreds of thousands (millions?) of XP workstations. ( http://windows.microsoft.com/en-us/windows/lifecycle )
If you are still running Windows XP, there is no project on your list that is more important than migrating to Windows 7 or 8. The "never do what you can put off until tomorrow" project management approach on this is on a ticking clock, if you leave it until April comes you'll be migrating during active hostilities.
===============
Rob VandenBrink
Metafore
Comments