by Michael Mimoso October 17, 2014
UPDATE – Microsoft this week patched a vulnerability in the FASTFAT driver that interacts with FAT32 disk partitions, closing a privilege escalation and code execution hole in Windows Server 2003, Windows Vista and Windows Server 2008.
But what about Windows 7 and up versions of the OS, you may be asking? Granted, newer Windows releases lean toward NTFS as the file system format, but FAT32 is still an available option in all supported versions. Would newer versions be vulnerable too?
As it turns out, according to researchers at BeyondTrust, Microsoft had already silently patched what turned out to be MS14-063 in Windows 7, Windows 8 and 8.1, and apparently left older versions exposed for at least five years. That means well-resourced attackers have had quite a window of opportunity available to them to exploit what turns out to be a noteworthy memory corruption issue.
Full Article
Microsoft Selective with FASTFAT Driver Patch Deployments
Userlevel 7
+54
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.