View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Software
November 29, 2010

Chineses firm Qihoo 360 identifies oldest vulnerability in Microsoft OS

An 18-year latent high-risk 0day vulnerability that affects all Windows versions

By CBR Staff Writer

China’s network security services provider, , has released an emergency network security warning, claiming that it has discovered an Exploit Code of an 18-year latent high-risk 0day vulnerability that affects all Windows versions.

The company said that this vulnerability is very likely to confront worldwide computer users with a new round of malicious attacks.

The company said that netizens on the Chinese Mainland do not need to worry about that as it is upgrading its 360 Safe, a security software, which it claims to immunise against the security problems caused by this vulnerability.

Qihoo 360 security expert Shi Xiaohong said since 1992, there has been a local privilege escalation vulnerability in the Windows operating system, through which hackers may seize the highest control of the system and easily undermine or prohibit any security software, including anti-virus software, firewall, proactive defense software, sand box and the system restore.

"They can also hack around the UAC protection of Windows Vista/Win7 or elevate the privilege on a server website to take control of the vulnerability network server, and directly threaten the information security of government, enterprises, Internet bars and PC users," Xiaohong said.

"In the next 48 hours, all 360 Safe users just need to open 360 Trojan firewall with Internet connection and the 360 Safe will automatically update the temporary kernel patches directed against the vulnerability."

Content from our partners
A hybrid strategy will help distributors execute a successful customer experience
Amalthea leverages AI and automation to improve yield while minimising waste and costs
How AI is unlocking valuable opportunities in the insurance industry

"Before Microsoft launches its official patch for the vulnerability, in order to protect users from the harm of this vulnerability, 360 Security Center will not disclose any technical details of the vulnerability temporarily."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.