系統直接開後門 Google 再度於 Windows 發現嚴重漏洞

於 Windows 作業系統內發現遠端遙控相關程式編碼漏洞,將可讓有心人士直接透過任何網路連入即可在裝置內偷動手腳,幾乎成為 Windows 作業系統嚴重後門。
評論
A man is silhouetted against a video screen with as he poses with a Nokia Lumia 820 smartphone in this photo illustration taken in the central Bosnian town of Zenica, September 3, 2013. Two years after hitching its fate to Microsoft's Windows Phone software, a withered Nokia collapsed into the arms of the U.S. software giant, agreeing to sell its main handset business for 5.44 billion euros ($7.2 billion). Nokia, which will continue as a maker of networking equipment and holder of patents, was once the world's dominant handset manufacturer but was long since overtaken by Apple and Samsung in the highly competitive market for more powerful smartphones. REUTERS/Dado Ruvic (BOSNIA AND HERZEGOVINA - Tags: BUSINESS TELECOMS TPX IMAGES OF THE DAY) - RTX135K5
A man is silhouetted against a video screen with as he poses with a Nokia Lumia 820 smartphone in this photo illustration taken in the central Bosnian town of Zenica, September 3, 2013. Two years after hitching its fate to Microsoft's Windows Phone software, a withered Nokia collapsed into the arms of the U.S. software giant, agreeing to sell its main handset business for 5.44 billion euros ($7.2 billion). Nokia, which will continue as a maker of networking equipment and holder of patents, was once the world's dominant handset manufacturer but was long since overtaken by Apple and Samsung in the highly competitive market for more powerful smartphones. REUTERS/Dado Ruvic (BOSNIA AND HERZEGOVINA - Tags: BUSINESS TELECOMS TPX IMAGES OF THE DAY) - RTX135K5
評論

原文刊登於 Mashdigi,INSIDE 獲授權轉載。

不久前才在 Windows 作業系統內發現幾個漏洞,Google Project Zero 計畫研究人員 Tavis Ormandy 與 Natalie Silvanovich 再度宣布於 Windows 作業系統內發現遠端遙控相關程式編碼漏洞,將可讓有心人士直接透過任何網路連入即可在裝置內偷動手腳,幾乎成為 Windows 作業系統嚴重後門。

根據 Tavis Ormandy 於個人 Twitter 頁面說明,此項漏洞幾乎可讓有心人士直接入侵處於不同網域的 Windows 裝置,並且可在裝置使用者毫不知情之下在後台安裝惡意程式,進而竊取隱私資料。

不過,Tavis Ormandy 與 Natalie Silvanovich 並未具體公布此項漏洞細節,避免有心人士藉此發動攻擊,但微軟方面則暫時未對此做任何回應,預期將會針對此項漏洞進行修復。

Google 今年 2 月初 也曾由 Project Zero 計畫研究人員發現多個 Windows 作業系統漏洞,其中更包含 IE 及 Edge 瀏覽器存在漏洞問題,但由於微軟認為 Google Project Zero 在告知漏洞的 90 天後便將細節公諸網路作法不妥,強調並非所有漏洞均能在 90 天內順利修復,更指 Google 直接將漏洞細節公布的作法將增加使用者系統安全風險。


精選熱門好工作

Data Analyst / Data Scientist

Omlet Arcade 美商歐姆雷特
臺北市.台灣

獎勵 NT$15,000

社群經營專員

關鍵評論網股份有限公司
臺北市.台灣

獎勵 NT$15,000

iOS工程師

Omlet Arcade 美商歐姆雷特
臺北市.台灣

獎勵 NT$15,000

評論