• December 7, 2022

AI Shake-Up As Prominent AI Guru Proposes Mind-Bending “Mortal Computers” Which Also Gets AI Ethics And AI Law Dug In

Here’s something that you probably hadn’t been yet mulling over: Mortal computers. But maybe you should be. The heady topic came up at the recent and altogether quite prominent annual conference …

Piiano Releases Secure Database For Enterprises And Developers

Data protection company Piiano has released Piiano Vault, a secure database that’s designed to give enterprises the ability to store safely sensitive personal data in compliance with the EU’s GDPR, California’s …

How Creative Artists Agency (CAA) Is Employing Data, Analytics, And AI To Shape The Culture Of Our Times And Inspire The World

George Clooney. Cate Blanchett. Beyoncé. Lady Gaga. Brad Pitt. Tom Hanks. What do these artists have in common? Each of them, among others, in addition to a roster of professional athletes, …

Windows 10 and Windows 11 users need to be extra vigilant because hackers have discovered a new way to bypass Windows security, and Microsoft currently has no fix.

Discovered by Will Dormann, a senior vulnerability analyst at Analygence, the vulnerability allows malicious files to bypass Windows warnings. Moreover, these files can pass undetected through any source: web browser, email attachment or network share.

The vulnerability impacts all modern Microsoft operating systems: Windows 10, Windows 11, and Windows Server 2019 and 2022. Windows 7 and Windows 8 are not affected.

At the time of publication, Microsoft has not commented on the zero-day, and there is no timeframe for an official patch. The good news is third-party security specialist 0patch has come up with a temporary fix, which you can download here.

Advertisement

“[The zero-day] stems from a logical error in the way Windows make a security assessment of an unknown document,” warned 0patch co-founder Mitja Kolsek, in an email exchange with me. “Neither of these vulnerabilities can make the user open the document, but the security warning… is the only thing that can make the user change their mind before their computer gets compromised.”

0patch has provided an install guide for the fix, which you can watch here:

Kolsek notes that this is the second vulnerability in recent weeks, which allows attackers to bypass Windows security warnings when tricking users into opening malicious files. Both were zero-day hacks.

I have contacted Microsoft about this flaw and will update this post when/if I receive a reply.

More On Forbes

Advertisement

Leave a Reply

Your email address will not be published.