Microsoft on Wednesday is officially patching a bug that existed in its Windows operating system for 19 years, according to a new report from IBM’s Security Intelligence arm. The security flaw had been present in every single version of Windows since Windows 95 was released, IBM said, noting that the bug was complex and rare.
“The bug can be used by an attacker for drive-by attacks to reliably run code remotely and take over the user’s machine — even sidestepping the Enhanced Protected Mode (EPM) sandbox in IE 11 as well as the highly regarded Enhanced Mitigation Experience Toolkit (EMET) anti-exploitation tool Microsoft offers for free,” the security team explained in a recent blog post. ”Typically, attackers use remote code execution to install malware, which may have any number of malicious actions, such as keylogging, screen-grabbing and remote access,” the researchers said.
IBM said that this just shows that small bugs can exist for years and years, in this case for more than a decade, before they’re actually detected by anyone, and that the flaw in Windows potentially left an open hole for remote exploitation for the last 18 years, though the “buggy code” that enabled it has existed for 19 years.
IBM said it first discovered the bug in May 2014 and that, had it been found by someone else, it could have “ fetched six figures on the gray market,” among hackers who might have used it to cause serious harm to computer systems. The researchers explain the ins-and-outs of how it works very technically, so hit the source for a deeper understanding.