Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Windows Bug Microsoft

Third-Party Vendor Issues Temporary Patch For Windows Vulnerability ( 39

An anonymous reader writes: "A vulnerability discovered by Google Project Zero security researchers and left without a patch by Microsoft received a temporary fix from third-party security vendor ACROS Security," according to Bleeping Computer. Microsoft is set to officially patch the flaw on March 15, after it previously pushed back February's Patch Tuesday for next month.

"According to Google researchers, attackers could leverage malformed EMF files to expose data found in the victim's memory, which can then be leveraged to bypass ASLR protection and execute code on the user's computer... ACROS Security has issued a temporary patch that can be applied to Windows computers via its product, called 0patch, a platform that applies fixes for zero-days, unpatched vulnerabilities, end-of-life and unsupported products, for legacy OSes, vulnerable 3rd party components, and customized software." When Microsoft issues an official update, the temporary patch will stop working immediately.

This discussion has been archived. No new comments can be posted.

Third-Party Vendor Issues Temporary Patch For Windows Vulnerability

Comments Filter:

Real programmers don't bring brown-bag lunches. If the vending machine doesn't sell it, they don't eat it. Vending machines don't sell quiche.