Microsoft Fixes Critical “Crazy Bad” Bug in Windows 10 Reported By Google Researchers


Short Bytes: The researchers from Google Project Zero have revealed a remote code execution bug in Microsoft Windows. The attacker doesn’t require any software to take the advantage of the serious bug. Microsoft is expected to fix the bug on May 9 Patch Tuesday release, followed by a detailed report by the researchers.

Update (May 9, 2017, 6:00 pm IST): In the latest Patch Tuesday update, Microsoft has fixed the critical remote code execution bug reported by Google Project Zero researchers.

The bug (CVE-2017-0290), tagged as “crazy bad” by the researchers, was present in the Microsoft Malware Protection Engine, a software component that fuels various anti-malware products including MS Security Essentials and the inbuilt Windows Defender tool in different Windows versions.

You can read more in the security advisory issued by Microsoft.

A tweet from Google security researcher Tavis Ormandy surfaced a couple of days before Microsoft’s Patch Tuesday, scheduled for May 9. In his tweet made on May 6, Ormandy highlighted a Remote Code Execution bug in Microsoft Windows.

The critical vulnerability, described as “crazy bad”, was discovered by two Project Zero researchers Natalie Silvanovich and Tavis Ormandy.

Also Read: How Your Brainwaves Can Be Used To Steal Passwords And Private Data

Not many details were revealed in the initial tweet. However, Ormandy described a little more in a later tweet.

According to him, the attack works on the default Windows installation, i.e., it doesn’t require any additional software. The attacker doesn’t have to be on the same LAN as the target machine. Also, the bug is “wormable” or self-replicating.

Ormandy mentioned in the tweet that a report will follow soon. And the revelation made near the Patch Tuesday escalates the speculations that Microsoft has prepared the fix for the remote code execution bug.

If you have something to add, drop your thoughts and feedback.

Also Read: Humans Must Find Another Planet In 100 Years To Survive, Stephen Hawking Warns
Aditya Tiwari

Aditya Tiwari

Aditya likes to cover topics related to Microsoft, Windows 10, Apple Watch, and interesting gadgets. But when he is not working, you can find him binge-watching random videos on YouTube (after he has wasted an hour on Netflix trying to find a good show). Reach out at [email protected]
More From Fossbytes

Latest On Fossbytes

Find your dream job