Hackers now crave patches, and Microsoft's giving them just what they want
At least one of next Tuesday's updates looks like an excellent candidate to hackers as they sniff for bugs in the now-retired Windows XP
Computerworld - Hackers will have at least one, perhaps as many as four, patches next week to investigate as they search for unfixed flaws in Windows XP, the 13-year-old operating system that Microsoft retired from support April 8.
"Come Tuesday, Microsoft will be patching some vulnerabilities in Windows, and it is realistic to assume that at least one of these will also affect Windows XP," said Kasper Lindgaard, director of research and security at Secunia, in an email Friday. "Generally speaking, newly discovered vulnerabilities in XP will be unpatchable for private users, and therefore we will see a rise in attacks."
On May 13, Microsoft's regularly scheduled monthly Patch Tuesday, the Redmond, Wash., company will issue eight security updates for its software. But because it has stopped providing updates to owners of Windows XP PCs, those customers will not see any of the eight.
Hackers looking for vulnerabilities in Windows XP will be using the patches to find them, Microsoft and security experts have said. By conducting before- and after-patch code comparisons, attackers may be able to figure out where a vulnerability lies in Windows 7 -- which will be patched -- then sniff around the same part of XP's code until they discover the bug there. From that point, it will be relatively straightforward for them to craft an exploit and use it against unprotected XP PCs.
"Patches to the other Windows operating systems will be reverse engineered by hackers, seeking to discover which vulnerabilities were fixed by Microsoft, and if applicable, modified to work against Windows XP," Lindgaard said.
He's not the only one who believes hackers will leverage updates to find unpatched bugs in XP. So does Microsoft.
"After April , when we release monthly security updates for supported versions of Windows, attackers will try and reverse engineer them to identify any vulnerabilities that also exist in Windows XP," said Dustin Childs, director of Microsoft's Trustworthy Computing group, last October. "If they succeed, attackers will have the capability to develop exploit code to take advantage of them."
Four of the eight scheduled security updates that Microsoft plans to ship next week look like candidates for hackers because they will affect all client versions of Windows, including Windows Vista, Windows 7, Windows 8 and Windows 8.1. Before Microsoft stopped pushing patches to XP, it was rare for an update to fix one or more newer editions of Windows, but not patch XP at the same time.
One of the four will impact all instances of IE, so there's a very high chance that that update would have patched the pertinent editions of the browser -- IE6, IE7 and IE8 -- on Windows XP if Microsoft had continued updating the old OS. The upcoming fix for IE was rated "critical," Microsoft's highest threat warning, and was also tagged with the phrase "remote code execution" in last week's advance notification, meaning that if successfully exploited, attackers could hijack the PC and plant malware on its drive.