Latest in Gear

Image credit:

Microsoft patches Google-outed Windows security hole

Attackers are using the exploit, so you'll want to update quickly.
Jon Fingas, @jonfingas
November 8, 2016
Share
Tweet
Share

Sponsored Links

Reuters/Robert Galbraith

As promised, Microsoft has issued a fix for the Windows security flaw that Google disclosed before a patch was ready. The update tackles vulnerabilities in numerous versions of Windows (from Vista through Windows 10) that would let an attacker get control of your system through a malicious app. You're already safe if you use Windows 10 Anniversary Update and an up-to-date browser, we'd add -- this is for people who can't or won't move to a newer operating system.

You have a strong incentive to upgrade quickly if you're affected. The attack is known to have been used by hacking group Strontium for a low-intensity but targeted phishing campaign. It's not certain that other organizations used the hole, but you likely don't want to find out about new attacks first-hand.

The patch ends a brief but tumultuous episode between Google and Microsoft. Google published details of the flaw after learning that it was already being used for real-world attacks, but Microsoft criticized the move as irresponsible. It put users at "potential risk" by making it easier for malware writers, the Windows creator said. Whether or not that's true, the question is whether or not the two sides are taking steps to minimize these issues in the future -- ideally, any security disclosure comes with a patch ready and waiting.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Presenting the Best of CES 2021 winners!

Presenting the Best of CES 2021 winners!

View
Donald Trump pardons ex-Waymo, Uber engineer Anthony Levandowski

Donald Trump pardons ex-Waymo, Uber engineer Anthony Levandowski

View
Korg teases Drumlogue, a hybrid analog / digital groovebox

Korg teases Drumlogue, a hybrid analog / digital groovebox

View
Synthetic cornea helped a legally blind man regain his sight

Synthetic cornea helped a legally blind man regain his sight

View
Paramount+ will replace CBS All Access on March 4th

Paramount+ will replace CBS All Access on March 4th

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr