News

Windows users get patch for ‘USB leak’ that attackers exploit

By admin
Spread the love

Microsoft has patched a leak in Windows that made it possible to put malware on a PC by inserting a prepared USB device into the computer. All variants of Windows are susceptible.

Microsoft writes in its bulletin that it has “reasons” to believe that the vulnerability has been exploited in attacks against Windows users. It has labeled the patch “important,” a step below its most urgent designation “critical,” presumably because the attack requires physical access to a PC.

The attackers were able to take advantage of the vulnerability due to the way the Mount Manager for USB devices in Windows handles symlinks. This allows attackers to transfer malicious code from the USB device to the disk and execute it.

The patch addresses the issue by removing the vulnerable code from the Mount Manager, rendering the vulnerability unusable. Microsoft has been distributing the patch to all Windows users since Vista since Tuesday.

You might also like
News

Blizzard will release certain games via Steam, starting with Overwatch 2

News

Microsoft and Activision Blizzard postpone acquisition deadline until October

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

‘Microsoft wants to postpone deadline for Activision Blizzard…

News

Rumor: EU starts investigation into Microsoft for including Teams with Office