Are you aware that, last night, the computer suddenly occupied the background a lot of bandwidth, resulting in slower speeds. This is another Windows patches during a large-scale update. There are two high-risk vulnerabilities, impact on windows95 to windows10 would almost be considered the most extensive in the history of the impact of windows vulnerabilities.
Successfully utilization is very high
Both vulnerabilities discoverer "hacker leader" TK, namely Tencent basaltic laboratory creator to Yang. He Vulnerability named "Bad Tunnel". Windows plans to grant $ 50,000 in prize money.
Microsoft credits in these two vulnerabilities are named MS16-063 and MS16-077
TK said, take advantage of this high success rate of vulnerabilities and circle of friends for Windows programmers to clarify, not because they are wrong, the consequences resulting from the code.
TK circle of friends shot provided by friends
The vulnerability is caused by problems in the original design. When a user opens a URL, or open any Office files, PDF files, or other file formats, or is it only insert a U disk, will help complete the goal of the attacker to hijack the user's network, access to privilege escalation.
An attacker can Edge, Internet, Microsoft Office or Windows in many third-party software to exploit the vulnerability, an attacker can also be done through a network or a thumb drive.
Even users install security software with a proactive defense mechanism can not detect attacks. An attacker could also take advantage of the target system for any malicious code.
General principle exploits
TK can be learned from the circle of friends, the vulnerability is primarily a series of respective protocols and features individually designed work caused. Attacks are usually general vulnerability, it requires the use of forged NetBIOS (originally developed by IBM) link, so that the software on different devices to communicate over a local area network. Even if the attacker is not in the target network, you can still bypass firewalls and NAT devices, by guessing the correct network equipment identifier (that is, things ID), the establishment of a credible interaction in the network, all network traffic will be directed to the attacker computer.
An attacker can masquerade as computer networking equipment, such as a local printer server or file server. Not only can they monitor unencrypted traffic to be intercepted and tampered with Windows Update Download. In addition, you can also implement further attack victim visited pages. For example, they can be cached by the browser page insert the code, so that the channel between the attacker and the target remains open.
It is understood, TK will announce the details of the vulnerability on August Black Hat in Las Vegas.
Experts suggest that support for the Microsoft Windows version, the user is best to upgrade as soon as possible to update more appropriate. For Microsoft no longer supports Windows version can be used to disable NetBIOSover TCP / IP, NetBIOS or block links played 137 ports ways to prevent attacks. Microsoft officials have been given specific steps.