View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Software
November 29, 2010

Chineses firm Qihoo 360 identifies oldest vulnerability in Microsoft OS

An 18-year latent high-risk 0day vulnerability that affects all Windows versions

By CBR Staff Writer

China’s network security services provider, , has released an emergency network security warning, claiming that it has discovered an Exploit Code of an 18-year latent high-risk 0day vulnerability that affects all Windows versions.

The company said that this vulnerability is very likely to confront worldwide computer users with a new round of malicious attacks.

The company said that netizens on the Chinese Mainland do not need to worry about that as it is upgrading its 360 Safe, a security software, which it claims to immunise against the security problems caused by this vulnerability.

Qihoo 360 security expert Shi Xiaohong said since 1992, there has been a local privilege escalation vulnerability in the Windows operating system, through which hackers may seize the highest control of the system and easily undermine or prohibit any security software, including anti-virus software, firewall, proactive defense software, sand box and the system restore.

"They can also hack around the UAC protection of Windows Vista/Win7 or elevate the privilege on a server website to take control of the vulnerability network server, and directly threaten the information security of government, enterprises, Internet bars and PC users," Xiaohong said.

"In the next 48 hours, all 360 Safe users just need to open 360 Trojan firewall with Internet connection and the 360 Safe will automatically update the temporary kernel patches directed against the vulnerability."

Content from our partners
Why all businesses must democratise data analytics
How start-ups can take the next step towards scaling up
Unlocking the value of artificial intelligence and machine learning

"Before Microsoft launches its official patch for the vulnerability, in order to protect users from the harm of this vulnerability, 360 Security Center will not disclose any technical details of the vulnerability temporarily."

Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy