Bugs Affecting Windows: Microsoft Scrambled For A Fix To Find Even More Bugs

One of the most difficult parts of creating software is proofing it against an entire spectrum of digital threats.

Not only are viruses becoming trickier to deal with, the array of methods and tools hackers use is also getting more sophisticated. And here, Microsoft, as the maker of the most popular PC operating system, has a lot to deal with.

Due to its fame, the product has long been a priority target for malicious deeds.

Dangerous exploits are created for Windows all the time, and just when Microsoft had enough problems, its partners made things a lot worse.

According to Californian security company SafeBreach, software pre-installed on many PCs has left "millions" of users at risk.

The flaw is in 'PC-Doctor Toolbox', system analysis software that has been rebranded and pre-installed on PCs made by some of the world’s biggest computer retailers, including DELL, its Alienware gaming brand, Staples and Corsair.

DELL alone shipped almost 60 million PCs in 2018, and the company stated that the PC-Doctor Toolbox, which is part of ‘SupportAssist’, was pre-installed on “most” of them.

DELL's SupportAssist has been installed on tens of millions of computers

The flaw allows hackers to swap harmless DLL files loaded during the tool's diagnostic scans with DLLs containing a malicious payload.

The injection of this code, which impacts both Windows 10 Business and Home PCs, enables hackers to gain complete control of the victim's computer.

What makes the flaw particularly dangerous is that PC vendors give the Toolbox tool high-permission access to all of the computer's hardware and software. This is necessary, as the software needs such access to monitor everything, but with the flaw, hackers can get that same high-level permission for their malicious deeds.

SafeBreach initially reported the flaw back in April, and DELL released a patch for it. However, SafeBreach found more vulnerabilities.

Unlike Apple, which has its own products, Microsoft can deal with the market by delivering cheaper products. But to do that, it needs to partner with different vendors so that they pre-install Windows on their products.

However, the frustrating thing about this kind of partnership is that it can drag Microsoft down when this kind of incident happens.

As many users said, Microsoft's pledge to give more "control, quality and transparency" has become worryingly complex and even harder to deliver.

Microsoft Patch Tuesday

And just as the news came out, Windows 10 was facing some serious threats. The first comes from 'SandboxEscaper', a well-known exploit broker, who has found multiple holes in Microsoft’s CVE-2019-0841 security update.

Not only can the exploit give anyone access to permissions on Windows 10 and Server 2019 machines, but SafeBreach has also revealed that software pre-installed on PCs is faulty and exposes users to being hacked.

Microsoft has released a patch for this exploit in its monthly roll-up of security updates, known as Patch Tuesday. The OS maker patched 88 vulnerabilities, among which 21 received a rating of "Critical," the company's highest severity ranking.

Furthermore, the June 2019 Patch Tuesday also included fixes for four of the five SandboxEscaper zero-day exploits.

A fix for the fifth zero-day wasn't ready in time, as SandboxEscaper only published the details about this bug a bit later, leaving Microsoft no time to put together and test the patch.

The second came when federal authorities warned Windows users to update their computers in response to another security vulnerability that could allow hackers to view, change and delete data using malware.

The Cybersecurity and Infrastructure Security Agency, which is overseen by the Department of Homeland Security, released the alert about what it calls the 'BlueKeep' vulnerability, which affects Windows 2000, Vista, XP, 7, Server 2003, Server 2003 R2, Server 2008 and Server 2008 R2.

This vulnerability would be capable of spreading rapidly, similar to the 2017 WannaCry ransomware attacks, authorities said.

Microsoft has already issued its own notice about the security vulnerability and released a patch, including for operating systems that the company no longer officially supports.

Published: 24/06/2019