Discovered in May by IBM, WinShock is a 19-year-old bug that has existed in every version of Microsoft’s Windows OS since Windows ’95. Mark James, ESET security specialist answers some important questions about the bug.
Before it was publically announced IBM worked with Microsoft to ensure that it was patched. IBM is also confident that they couldn’t find any examples of the bug having been exploited “in the wild.”
What is WinShock? How does it work?
“WinShock is an exploit similar to Heartbleed, it enables an attacker to remotely control a pc through a vulnerability in the technology used to transfer data securely, known as SSL (Secure Sockets Layer).”
What does it do if you’re infected? What should you look out for?
“Infected is the wrong terminology, its Affected, and if you have not performed the windows updates from the recent patch day then you could be affected.”
When flaws that have existed this long surface, should the company be held responsible?
“It’s ultimately very difficult to hold responsibility, we are all well aware of the shortcomings of Microsoft operating systems and bugs and backdoors have been around for years and WILL continue to be around for many years to come.”
Any advice for users looking to defend themselves?
“ALWAYS ensure not only your operating system but all your applications are maintained and updated regularly, if you can’t update the app find another that does the same job that can be updated.
“Always make sure you are running a current supported operating system and ensure your anti-virus software is maintained and up to date.”