Microsoft Finally Gets Around to Fixing 17-Year Old Windows Bug

Illustration for article titled Microsoft Finally Gets Around to Fixing 17-Year Old Windows Bug

Talk about procrastination (or rather, ignorance of a fundamental flaw in your OS for nearly two decades): a Google engineer recently discovered a vulnerability in Microsoft's 32-bit Windows kernel that had been around since 1993.

Advertisement

It's kind of funny that this thing has been around long enough to get a driver's license, but less so considering that it's exposed every Windows OS since then to hacker takeovers. The afflicted subsystem was the Windows Virtual DOS Machine, and the potential for damage was pretty serious, according to yesterday's Microsoft advisory:

What might an attacker use this vulnerability to do?
An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Bad news! Don't worry, they'll patch it. But do worry, for all the other teenage bugs out there that no one's caught yet. [ComputerWorld]

DISCUSSION

dos... DOS!

HTF did Microsoft make it this far?

Bill Gates, you are a business-savvy son-of-a-bitch.

After all these years, now I'm afraid to pull out that boot floppy (you know, the one that loads EMM386, maybe some HIMEM, clears out "upper memory blocks", loads MSCD.EXE and autoloads strike.exe), shove it in my Packard Bell and fire up some Strike Commander, since now someone might jack into my computer over the 14.4k baud modem and own my machine.