Windows detects 48 vulnerabilities in Windows Search

During August Microsoft has repaired 25 insecurities in their search engine Microsoft Search. One of the weaknesses was an RCE error that allowed attackers to take control of a server or workstation through Windows Search. The August repair patched 48 security holes, of which 25 were critical. RCE stands for Remote Control Execution and means hackers can access other people’s computers wherever they are in the world.

 

Windows 10 affected by RCE weakness

The most serious RCE vulnerability, CVE-2017-8620, affects multiple versions of Windows 10, Windows Server 2012 and Windows Server 2016. Microsoft states that none of the weaknesses are currently exploited by hackers. If the vulnerability was exploited, an attacker could take control of the entire infected system. RCE CVE-2017-8620 works by using holes related to how Windows Search handles objects in memory. Another critical weakness was RCE CVE-2017-8664 which occurs if a host server does not validate input from an authorized user on a guest system. If an attacker succeeds in exploiting this vulnerability, he or she could run a malicious program on a guest operating system which could then run a random code on the so-called Hyper-V host’s operating system.

 

Attackers can obtain remote control of computers

There are countless examples of how hackers can get remote control with our computers. It can happen when we log into a shared WiFi network at a cafe or a hotel which can help an attacker to gain access to your computer. With this kind of access your computer can become infected with malware. In this situation the attacker often takes over the host computer for the purpose of extortion. Once the person has gained control over your computer, he or she may take your data and blackmail you with threats about publishing personal photos, letters or other confidential information.

 

Old drivers increase the risk of cyber attacks

The best way to protect your computer against RCE is to patch the security holes that are in, for example, a search engine. If you are not in a situation where you can patch security holes in the search engine you are using, there are other ways to stay secure online. One of the most important things is that you update your drivers continuously so that hackers can not access your system via old security holes in your drivers. The older your drivers are, the greater the risk that hackers have developed methods to exploit weaknesses in the software to penetrate your computer and take control of it. This can mean that they will steal personal information, passwords, details about your bank accounts and in extreme cases, can use your computer to hack other computers.

 

Update your drivers regularly

This story states that even if you use the latest software from one of the world’s largest computer companies you are not necessarily completely safe. For better protection against hacker attacks you should regularly update your drivers. You can also follow the latest news on our security blog. Among other things, we have published articles on how to avoid hacker attacks and identity theft. We regularly publish news and tips on how to best take care of yourself when you are online. In addition to keeping yourself up to date on the information page, you must also stay technologically updated.

With Driver Update you can quickly determine which drivers you need and which drivers you need to update. Our software can also do automatic updates of your drivers so you do not have to worry about whether you are doing it correctly You can download the latest version of DriverUpdate here.

Posted in Blog