Share this article

Improve this guide

Microsoft fixes double zero-day security flaw in Windows 7

2 min. read

Updated onOctober 4, 2023

updated onOctober 4, 2023

Share this article

Improve this guide

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Microsoft fixed a security flaw that hitWindows 7and was discovered together with ESET. The great thing is that according to the tech giant, there haven’t been any attacks thanks to the fast discovery and fix of the problem.

ESET helps Microsoft to fix Windows 7 security vulnerability

Matt Oh, Windows Defender ATP Research released a technical analysis of thevulnerabilityand pointed out that Microsoft teamed up with ESET and Adobe to fix two different zero-day exploits in aPDFwhich was believed to pack an unknown Windows kernel flaw.

Although thePDFsample was found in VirusTotal, we have not observed actual attacks perpetrated using theseexploits. The exploit was in early development stage, given the fact that thePDFitself did not deliver a malicious payload and appeared to be proof-of-concept (PoC) code.

The notes also say that finding thisvulnerabilitybefore an attacker got a chance to use it was a great effort of the collaboration between Microsoft and ESET.

The analysis details that one exploit affectedAdobe Acrobat Readerand the other one hitWindows 7and Windows Server 2008. The first flaw targeted Adobe JavaScript engine, and the other was aiming at Windows.

Update your OS now

The same recommendation that Microsoft has been offering users is also appropriate now: update your older operating system in order to benefit from the latest security updates and always remain protected.

If you have to delay upgrading your OS, it’s recommended that IT admins disable JavaScript in Adobe Acrobat and Adobe Reader until the updates are eventually installed. They are also advised todouble-check their PDFs for malwarejust to make sure that noexploitsare targeting the network systems. You can read the complete details on the exploit onMicrosoft’s support page.

RELATED STORIES TO CHECK OUT:

More about the topics:Cybersecurity,ESET,windows 7

Radu Tyrsina

Radu Tyrsina has been a Windows fan ever since he got his first PC, a Pentium III (a monster at that time).

For most of the kids of his age, the Internet was an amazing way to play and communicate with others, but he was deeply impressed by the flow of information and how easily you can find anything on the web.

Prior to founding Windows Report, this particular curiosity about digital content enabled him to grow a number of sites that helped hundreds of millions reach faster the answer they’re looking for.

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Δ

Radu Tyrsina