There are threats and risks lurking in even the most robust, well-known operating systems, and Windows 10 is no exception in terms of vulnerabilities that can be used to commit zero-day attacks.
A few days ago, a new vulnerability in Windows came to light that affects this operating system, and puts all PCs using Windows 10 at risk, since it seemingly affects all versions.
Details of a new vulnerability
Several researchers have discovered a vulnerability that originates in the Windows Task Scheduler, specifically the APLC (Advanced Local Procedure Call). Since it has been revealed, other users have investigated and confirmed the existence of this risk. One such user is Phil Dormann, a CERT/CC vulnerability analyst, who has confirmed that the 64 bit versions of Windows 10 still have this flaw.
The management of this interface is responsible for helping the client process communicate with the server process. Exploiting this vulnerability allows local users to obtain elevated system privileges, and thus, take control of the device.
Recommendations: How to survive vulnerabilities
For the time being, there is no available patch. However, Microsoft have communicated that they are aware of the vulnerability, and that they are working on resolving the problem as soon as possible and launching a patch to close this vulnerability for good. So much so that this patch should be arriving on all affected devices via Windows Update within the next few days.
The most important thing when it comes to patches is to be able to know what vulnerabilities exist in the system and what patches need to be applied. With Panda Patch Management you can manage vulnerabilities and their corresponding updates and patches, both for operating systems and hundreds of applications. Patch Management audits, monitors, and prioritizes updates on operating systems and applications, complementing your defense system and strengthening your threat prevention, containment and remediation capacities, reducing the attack surface.
It provides visibility of endpoint health in real time, in terms of vulnerabilities, patches or pending updates, and unsupported software (EoL).
While Microsoft launches a patch to fix this security breach, here at Panda, we have the following recommendations:
- Having an anti-exploit program can help to protect you against serious attacks. Our advanced cybersecurity solution, Panda Adaptive Defense, includes dynamic exploit detection, which protects web browsers and their plug-ins, as well as other components installed on computers.
- Being as cautious as possible when it comes to the files that we download from unsafe sources or physical devices.
- “Zero-Day” means that it is a problem that does not yet have a solution. This is why we recommend a multi-layer protection, like that offered by Panda Adaptive Defense, which responds to an exhaustive security strategy that isn’t based on just one type of software or technology.
- Applying patches and updates provided by the manufacturers of your programs will reduce the risk of falling victim to a vulnerability. It will also ensure that this vulnerability doesn’t act as the way in for cybercriminals. These zero-day attacks are carried out against applications or systems with the aim of running malicious code that uses the knowledge of a vulnerability that is unknown to the public or the manufacturer.
Reduce the risk and the complexity of vulnerabilities with Panda Patch Management.