…“The vulnerable driver ships with every version of Windows, up to and including Server 2025,” Adam Barnett, lead software engineer at Rapid7, said. “Maybe your fax modem uses a different chipset, and so you don’t need the Agere driver? Perhaps you’ve simply discovered email? Tough luck. Your PC is still vulnerable, and a local attacker with a minimally privileged account can elevate to administrator.”…
People have probably been sitting on exploits for months or longer. There will probably be another wave after the 1 year extended support ends.
It’s interesting that this supposedly goes back to Windows 3.1 and the original release…
Personally I blame Dave Plummer.
makes you wonder if/how/by who its been used all these years
I expect it’s stuff like ATMs, Coinstar machines. Things that may need to phone home regularly but don’t need to sit online constantly.
And it’s not likely to be the last.
deleted by creator
