A new vulnerability operating systems Windows was recently discovered by Tavis Ormandy, employee (Security Engineer) of Google. This "new" vulnerability proved, in fact, almost 17 years oldIt is present in Windows OS (32bit) since its launch Windows NT 3.1In 1993.
At what risk we expose this vulnerability and how can it be avoided?
Vulnerability of Windows 32bit is generated by a breach in Virtual DOS Machin (VDM) Used to support 16 bit applications onThis allows handling the vast majority of kernel processes (system core files operating) and execute code at system - with privileges of administrator - through a 16 bit program. Tests made by one who discovered the vulnerability showed that it exists in systems Windows XP, Windows server 2003, Windows server 2008, Windows Vista si Windows 7. The risk is greatestConsidering that a potential hacker can open a command prompt at the level of administrator and to take control of the system.
To protect our systems from potential attacks (risk level increased up to 100% after the existence of this vulnerability was made public and Microsoft announced that it will take at least a week until you make a update Security to solve the problem) is sufficient to disable sub-system MS-DOS from Group Policy Editor (The system will function normally without compatibility issues - given that the 16 bit applications are not much in fashion):
1.tastati gpedit.msc in Search programs and files from Start Menu and give Enter.
2. go to Computer ConfigurationAdministrative TemplatesWindows ComponentsApplication Compatibility and double click on Prevent access to 16-bit applications
3. On the left select Enable then click on Apply si OK. Close the Group Policy Editor.
Note: This vulnerability does not exist on operating systems Windows 64bit.
