Windows users received a surprise in mid-July when Microsoft released an emergency update seemingly out of the blue to patch a vulnerability in Windows software – including the brand new Windows 10 – that was discovered when researchers investigated the massive trove of emails leaked after Italian surveillance firm Hacking Team suffered a breach.
Milan-based Hacking Team is a surveillance vendor, selling software that is often used by governments and major corporations to exploit zero-day vulnerabilities and infect targets with the firm’s software. In early July, the company’s networks were hacked and thousands of documents were leaked to the public. The exposed messages included information on several zero-day flaws, three of which were found in Adobe’s Flash Player. A serious vulnerability found in Windows programs was also revealed, leading Microsoft to rush to release a patch to users.
The Windows flaw, found in the Windows Adobe Type Manager Library that handles the rendering of OpenType fonts, exposed a straight-to-kernel remote code execution vulnerability. The flaw was classified as critical – the company’s most serious threat level – because successful use of the exploit could allow an attacker to hijack vulnerable Windows devices. According to a statement released by Microsoft, a hacker could use the vulnerability to install programs; access, edit or delete data; or create accounts with full administrative control. The emergency patch was released after Microsoft researchers discovered that “exploit code could be created in such a way that an attacker could consistently exploit this vulnerability.”
While Microsoft commonly releases updates and patches on the second Tuesday of each month – referred to by the company as Patch Tuesday – the emergency update was the first out-of-band patch since January, when Microsoft had to shut down its public advance notification service to install security updates. Many tech experts have speculated that Microsoft was quick to release the patch because the official launch of Windows 10 is just around the corner.
“The operating system is to reach beta testers Thursday, July 29, then begin rolling out to customers who have ‘reserved’ a copy of the free upgrade from Windows 7 or Windows 8.1,” wrote Computerworld contributor Gregg Keizer. “Sans a patch — and with the vulnerability out — Microsoft would have been mocked for claiming Windows 10 was more secure than previous versions of Windows.”
Protect against hidden flaws with Deep Freeze
Zero-day vulnerabilities are an increasingly common problem for businesses, as they are difficult to defend against – they often aren’t identified until it’s already too late. Most companies rely on software vendors to make them aware of available updates or emergency patches, but many zero-days slip past manufacturers undetected as well. Zero-day threats exploit previously unknown vulnerabilities and can be near impossible to detect with an antivirus solution. Luckily, Faronics offers users a way to protect against zero-day threats.
Faronics Deep Freeze Enterprise allows companies to protect their Windows or Mac operating systems and ensure 100 percent availability. Deep Freeze Enterprise enables businesses to retain their computer systems’ pristine condition and reduce downtime and IT tickets. When Deep Freeze is first installed, IT administrators are able to select preferred system settings and network configurations. Then Deep Freeze Enterprise will store and lock them in place. If any changes are made, either accidentally or through malicious activity, a simple reboot is all that is needed for a machine to be restored to its original settings. Using a unique Reboot to Restore feature, Deep Freeze allows administrators to clear out any malicious software, including code that may include zero-day threats. Once the reboot is complete, devices are returned to their predetermined settings and any harmful software is removed.