Microsoft scrambled to issue a fix for a security flaw which gave hackers access to just about every facet of users’ computers. It was for this reason it was deemed a critical threat -- a hacker could do just about anything with users’ machines, like view, change, or delete data; install programs; and even create new user accounts.
So which versions of Windows are affected? Just two out of three of the world’s 1.5 billion Windows PCs, according to Cnet -- all Windows Vista, Windows 7, Windows 8, Windows 8.1, and Windows RT users are vulnerable, and should install the emergency patch. Instead of waiting for its regular monthly update day to roll around, they have released the fix immediately.
How Hackers Could Gain Access
According to Microsoft, hackers simply create a document they’re betting you’ll be enticed to open, or they’ll get you to visit a webpage that is compromised. The vulnerability affected OpenType, a font format developed by Adobe and Microsoft.
It was discovered after security researchers were reviewing emails that had been leaked after the Italian surveillance firm Hacking Team’s systems were breached in early July. Security company FireEye and Google’s Project Zero security squad are credited by Microsoft for discovering this flaw and bringing it to their attention.
What Does This Mean For Windows 10?
With the release of Windows 10 merely a week away -- Microsoft’s next OS upgrade -- nerves are tense over at Microsoft. Windows 10, according to the company, has been proclaimed much more secure than any other version of Windows.
Device Guard is one reason for this, a tool that is designed to prevent this very type of attack the security patch is addressing. The other big reason is Windows Hello, a system relying on biometrics such as fingerprint, iris, and face recognition to determine user information, further protecting your computer from hackers.
And even the beta of Windows 10 was vulnerable to the flaw, so that might make these security promises fall flat. Many consider this beta version to be the same version to be released on the 29th, and if it has to be patched along with all of the other systems, what makes it any more secure?
What Should You Do?
As long as you have automatic update enabled on your computer, you should already be all set. Your computer will prompt for shut down to repair the problem, and you’ll be good to go. If you don’t have automatic update, you should head to Microsoft’s security bulletin page and download the patch manually. Either way, it’s critical you perform this update to protect your computer.
While there is no evidence showing hackers had used the vulnerability to attack Windows, Microsoft says they believe if they did, the attack would be done “consistently,” posing a threat over time to more and more users. They’re very thankful the problem was solved before any harm was done.
All Windows 7 and Windows 8.1 users will be able to upgrade to Windows 10 for free on July 29th.