Kaspersky warns new Zero-day vulnerability is being actively exploited
2 min. read
Published on
Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more
A zero-day vulnerability, as well as four similar security holes which could potentially allow cyber criminals full access to your system, was found in the win32k.sys system file during a recent malware investigation by Kapersky. Windows versions 7,8.1, and 10, along with the associated server editions, can be targeted.
The vulnerability potentiated an unidentified APT criminal group to exploit these vulnerabilities in order to gain privileges to install a Windows PowerShell backdoor, which would allow cybercriminals to operate without a trace and gain complete control of the infected device.
Kapersky has since released a patch update, so as long as your system’s up to date, you’ll be protected; but perhaps at the expense of your convenience. Users have since complained of their systems becoming significantly slower, which can be attributed to the additional antivirus programs installed.
Whilst you don’t want a painfully slow device, you also don’t want a security compromised one. Kapersky has recommended the following security measures in order to ensure the most efficient protection against the installation of backdoors due to zero-day vulnerabilities:
- Install the Microsoft-provided update to close the vulnerability
- Update your operating system software regularly
- Use behaviour-based detection solutions which can detect unknown threats.
Via DrWindows.de
User forum
0 messages