Microsoft Releases Emergency Patch for 'Crazy Bad' Windows Zero-Day Bug


Ok, another patch, whoopy dooo... But, if you read the title, this one is 'Crazy Bad' not just bad or semi-bad. This is on the border of Wicked-Bad. Why the concern? Here's the other hint, 'Zero-Day'. Not just a term used in the movies by cool, nerdy, hackers. A zero-day exploit is basically a security bug unknown to the software developers. The zero-day references the amount of time necessary to patch the system. In other words, the hackers already know and the developers do not. The developers have now discovered the vulnerability and now have zero-days to fix the problem because it's already been exploited.

And it gets worse... The bug was found in the Windows Defender applicaiton that is supposed to keep the operating system safe. At Novus[tek] we disable Windows Defender on all managed computers and then use Webroot for end point security. If your only protection is the free anti-virus that came with your computer, you better check yourself.

The vulnerability has been dubbed the worst Windows remote code execution flaw in recent memory. (ZD Net)