Windows Bug Found by Google Engineer, Microsoft Issues Warning

So far, Microsoft has not seen any evidence the vulnerability is being targeted in the wild. However, attacks may be forthcoming since Ormandy’s code is public. Microsoft issued a security advisory June 10 after a Google engineer published attack code targeting a Windows zero-day vulnerability on the Full Disclosure message list.

The vulnerability, uncovered by Google engineer Tavis Ormandy, affects “the Windows Help and Support Center function that is delivered with Windows XP and Windows Server 2003,” Microsoft said. Other editions of the operating system are not impacted by the bug.

READ MORE >>