…“The vulnerable driver ships with every version of Windows, up to and including Server 2025,” Adam Barnett, lead software engineer at Rapid7, said. “Maybe your fax modem uses a different chipset, and so you don’t need the Agere driver? Perhaps you’ve simply discovered email? Tough luck. Your PC is still vulnerable, and a local attacker with a minimally privileged account can elevate to administrator.”…
It’s interesting that this supposedly goes back to Windows 3.1 and the original release…
Personally I blame Dave Plummer.
makes you wonder if/how/by who its been used all these years
I expect it’s stuff like ATMs, Coinstar machines. Things that may need to phone home regularly but don’t need to sit online constantly.