When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Windows systems attacked via vulnerability made public by Google engineer

Microsoft has disclosed that some Windows systems have been attacked via a critical flaw in the OS's code. The vulnerability was made public back in May by a Google engineer.

Microsoft is saying that some PCs have been attacked with hackers taking advantage of a vulnerability that was originally revealed by a Google engineer. The machines affected seem to belong to corporate or government organizations.

The engineer in question, Tavis Ormandy, first made the vulnerability public back in May in a full-disclosure blog post. His actions have been criticized by industry members saying that the proper action would have been to report this privately to Microsoft so they can issue a fix before the vulnerability gets used “in the wild”. Google has distanced itself from Ormandy's actions, saying that his method of revealing the issue was a personal choice and did not represent the company. 

Now Microsoft is saying that they have seen “targeted attacks” using this particular bug, which could allow attackers to elevate their privileges on targeted machines. Microsoft has declined to comment on whether they think Ormandy’s actions have led to these attacks.

If you’re worried about attacks you should ensure that you have Automatic Updates turned on, as this vulnerability has now been patched via a Windows Update.

Source: Microsoft Via: Reuters | Image via Wikipedia

Next Article

AdDuplex CEO: Lumia 520 is the most popular Windows Phone

Previous Article

Microsoft: Xbox One for small businesses is a great investment

33 Comments

Load the comments and join the conversation!

Read the comments, ask the editors questions, show respect and join the conversation.

Click here