We are reporting on a new vulnerability that affects Windows: specifically, a flaw in the Contacts application that could allow an attacker to execute arbitrary code remotely. It is a zero-day vulnerability that currently has no official fix. There is only a temporary patch through 0Patch. It is one more security problem for the Microsoft operating system.
New Windows Zero-Day security flaw
This problem was detected by security researcher John Page. The vulnerability lies in the way the files that store contact information (.VCF and .Contact) are processed by the system. As reported, it affects versions from Windows Vista to Windows 10.

This means that many users are affected. We already know that Windows 7 and Windows 10 are the most used operating systems on desktop computers, so this could compromise many machines. The current solution works for the updated version of Windows 10 version 1803 (64 bits) and Windows 7 (64 bits). As we have indicated, at the moment there is no official solution to this vulnerability. However, we can fix it provisionally through 0Patch.

The error occurs when the .Contact files are processed. Mitja Kolsek, one of the security researchers, explains that the parameter is used as an argument for a ShellExecute call. Before opening URLs in the default browser, ShellExecute attempts to locate the string on the computer and launches it. The problem is that this happens without the user having any indication of it.

This allows an attacker to create a contact file with a malicious payload in a subdirectory. When the victim clicks on the link within the contact file, the malware runs on the system.

According to the researchers, the malware could be executed by clicking on either a web page or an e-mail address inside the contact card.
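The following Python check is an added example, not code from the researchers or 0Patch. It scans .VCF text for URL and EMAIL values that are not a well-formed http(s) link or plain address, that is, values the shell could try to locate on the computer; the patterns, function names and sample card are assumptions constructed here, and .Contact files are not covered.

```python
import re

# Assumption: only absolute http(s) links and plain addresses are acceptable.
URL_RE = re.compile(r"^https?://[A-Za-z0-9.-]+(:\d+)?([/?#]\S*)?$", re.I)
EMAIL_RE = re.compile(r"^[^@\s\\/:]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")

def unfold(text):
    """Undo vCard folding: a line starting with space/tab continues the previous one."""
    lines = []
    for raw in text.splitlines():
        if raw[:1] in (" ", "\t") and lines:
            lines[-1] += raw[1:]
        elif raw.strip():
            lines.append(raw)
    return lines

def check_value(prop, value):
    """Return why a value should not reach the shell, or None if it is well-formed."""
    if "\\" in value:
        return "contains a backslash"
    if prop == "URL":
        return None if URL_RE.match(value) else "not an absolute http(s) URL"
    return None if EMAIL_RE.match(value) else "not a plain e-mail address"

def scan_vcard(text):
    """Return (logical_line, property, value, reason) for each suspicious URL/EMAIL."""
    findings = []
    for no, line in enumerate(unfold(text), 1):
        head, sep, value = line.partition(":")
        # Drop parameters (";WORK") and an optional group prefix ("item1.").
        prop = head.split(";", 1)[0].rsplit(".", 1)[-1].strip().upper()
        if sep and prop in ("URL", "EMAIL"):
            reason = check_value(prop, value.strip())
            if reason:
                findings.append((no, prop, value.strip(), reason))
    return findings

# Constructed sample card, not taken from any real file.
SAMPLE = "\n".join([
    "BEGIN:VCARD", "VERSION:2.1", "FN:Constructed Sample",
    "URL;WORK:https://www.example.test/profile", "URL;HOME:docs\\readme",
    "EMAIL;INTERNET:someone@example.test", "item1.EMAIL;INTERNET:helpdesk\\mail",
    "END:VCARD"])

if __name__ == "__main__":
    for finding in scan_vcard(SAMPLE):
        print(finding)
```

Values that use vCard backslash escaping are flagged too, so a finding is a prompt to review the card before opening it, not a verdict.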
How to avoid being a victim of this Zero-Day vulnerability
As we have mentioned, this vulnerability does not yet have an official solution. However, we can use 0Patch. We explained in a previous article what 0Patch is and how it can solve vulnerabilities like this, at least temporarily.

What this type of patch does is not install the patch itself on the system, but run small patches directly in the process when it is started. This way, the application is kept from failing or compromising the user's security in this case.

On the other hand, it is always advisable to keep systems updated to the latest version. Only then can we face potential threats that put the proper functioning of the equipment at risk. Sometimes vulnerabilities arise that are resolved through patches and updates. It is important to keep both the systems and the different programs we use up to date.

We must also remember the importance of having security programs and tools, which are another way to prevent threats from entering the system.

Note: a firewall-caliber program such as Symantec Endpoint Protection is the best to implement against this type of flaw. It provides security to our computers with unparalleled efficiency.
I hope that this solution to this great problem will be of great help. If you need to ask something, you can do it with pleasure.
I say goodbye kross