…“The vulnerable driver ships with every version of Windows, up to and including Server 2025,” Adam Barnett, lead software engineer at Rapid7, said. “Maybe your fax modem uses a different chipset, and so you don’t need the Agere driver? Perhaps you’ve simply discovered email? Tough luck. Your PC is still vulnerable, and a local attacker with a minimally privileged account can elevate to administrator.”…
People have probably been sitting on exploits for months or longer. There will probably be another wave after the 1 year extended support ends.
It’s interesting that this supposedly goes back to Windows 3.1 and the original release…
Personally I blame Dave Plummer.
makes you wonder if/how/by who its been used all these years
So stick with my Linux and don’t boot into Windows again. Got it.
Lots of these exploits can be very specific cases so aren’t going to threaten the average user. However the point is, Windows 10 is now a huge target and there are lots who would love to take advantage of a freshly open gate.
And it’s not likely to be the last.
deleted by creator
Nope. You don’t need to be using the driver. The article explains that an attacker call upon it and exploit it simply because it is there.
