CYBER experts have warned that a critical vulnerability in the Windows operating system leaves your PC exposed to hackers.The security bug made public
CYBER experts have warned that a critical vulnerability in the Windows operating system leaves your PC exposed to hackers.
The security bug made public by US tech titan Google on Monday affects every version of Windows from Windows 7 to 10.
If exploited by hackers, it could allow them to gain control of your computer, researchers at Google’s Project Zero security team wrote.
Scarier still is that the bug has not yet been patched by Microsoft – which develops Windows – meaning cyber crooks can still take advantage of it.
“We have evidence that the following bug is being used in the wild,” researchers said.
Project Zero aims to hunt down major vulnerabilities in the gadgets and software used by hundreds of million of people around the world.
The idea is to boost the security of the web for everyone by making it harder for hackers to discover and exploit problems in popular tech.
Researchers said the newly discovered vulnerability was found within the Windows Kernel Cryptography Driver.
Project Zero notified Microsoft of the issue and gave them seven days to fix it before they published their findings.
Microsoft was unable to meet this deadline. The Washington-based firm urged caution among users but said any threat was limited.
That’s because all attacks using the bug have relied on a separate vulnerability in Google Chrome that was fixed on October 20.
Google’s Shane Huntley confirmed the bug had been used by hackers for “targeted exploitation”.
That means hackers wielded it to target specific people rather than a widespread attack.
Huntley added that the attacks were “not related to any US election-related targeting.”
How to stay safe from hackers
- Protect your devices and networks by keeping them up to date: use the latest supported versions, use anti-virus and scan regularly to guard against known malware threats.
- Use multi-factor authentication to reduce the impact of password compromises.
- Tell staff how to report suspected phishing emails, and ensure they feel confident to do so, investigate their reports promptly and thoroughly.
- Set up a security monitoring capability so you are collecting the data that will be needed to analyse network intrusions
- Prevent and detect lateral movement in your organisation’s networks.
It’s hoped that a patch could be release as early as November 10 as part of Microsoft’s monthly “Patch Tuesday” effort.
To avoid getting caught out by cyber crooks, experts recommend netizens keep their browser and operating system up to date.
Web-dwellers should also use strong and secure passwords which they do not use across multiple online accounts.
If receiving an email from an unknown sender, be careful not to open attachments or click links in the message unless you can verify they aren’t dangerous.
Facebook has added a SECRET Dark Mode that only some people can get
iPhone 11 Black Friday 2020: Best deals to look out for
Tesco Mobile Black Friday deals include savings on the iPhone 11 Pro Max
Best Black Friday Phone Deals 2020: What To Look Out For
Look out for this orange dot on your iPhone – someone is listening in
In other news, Instagram is rolling out a “Suggested Posts” feature that could keep you on your feed for longer.
Facebook has been branded a “danger to public health” as a shock report reveals staggering failure to crack down on fake news.
And, Google is working on an Android phone powered earthquake alert system.
Are you concerned about the Windows vulnerability? Let us know in the comments…
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
This post first appeared on Thesun.co.uk