Windows 7 exploit able to get past Microsoft's best defenses

Reading time icon 1 min. read


Readers help support MSPoweruser. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help MSPoweruser effortlessly and without spending any money. Read more

Windows 7 featured image

Researchers at the California-based security firm  FireEye have taken notice that the Angler browser exploit kit, a malware bundle used by online criminals to methodically penetrate your web browser and your PC, is now able to get past two of Microsoft’s strongest defenses: the Enhanced Mitigation Experience Toolkit and data execution prevention, both of which are routinely used to beef up Windows security.

The bypass has been observed on Windows 7 machines with the Microsoft Silverlight or Adobe Flash Player browser plugin activated. There’s no word on whether the exploit works on Windows 8.1 or Windows 10.

Exploits like this are secretly embedded in malicious or hijacked websites and online ads, attacking visiting web browsers, quickly assessing the version number, plugins and underlying platform of each browser, then refining the malware for the specific browser. After being installed, the exploit kit is free to load all sorts of malware, ransomware, banking Trojans, and more onto your system.

The website describes the way to stay clear of the exploit as simply disabling Adobe Flash Player and Microsoft Silverlight, or setting them to click-to-play.

More about the topics: Angler, exploit, Fireeye, Microsoft News, windows

Leave a Reply

Your email address will not be published. Required fields are marked *