[vc_row type=”in_container” full_screen_row_position=”middle” scene_position=”center” text_color=”dark” text_align=”left” overlay_strength=”0.3″][vc_column column_padding=”no-extra-padding” column_padding_position=”all” background_color_opacity=”1″ background_hover_color_opacity=”1″ width=”2/3″ tablet_text_alignment=”default” phone_text_alignment=”default”]
Google Project Zero is the group of Google security experts who look for flaws and vulnerabilities in programs and programs most used to communicate to companies and have these solutions solve them. However, this group only offers developers 90 days to solve the detected failures and do not do these will be made public, exposing the company and endangering users.
Last November 2016, this group of Google security experts discovered a vulnerability in Windows and was reported to be fixed. This vulnerability is specifically found in the Windows gdi32.dll library and may allow a hacker to collect victim information through any GDI client, for example, with the Internet Explorer browser.
The bug is very complicated to exploit and requires physical access to the computer, so Microsoft did not consider it a priority and has launched the release of the patch until the last has passed the term of Google Project zero to solve it and made public.
In addition, this month Microsoft has not released its security updates, leaving this bug next to two known that are endangering users of this operating system. The researchers of 0patch have moved tab and have released a patch that will not allow us to protect, at least, the failure of the gdi32.dll library.
So, you’re using Windows… What you can do to fix it?
0Patch is a free tool that allows us to protect ourselves from different known vulnerabilities while we wait for the update to arrive officially. As the security patches are applied directly in memory, in addition, we will not have problems when installing the official patches when they arrive since the original files at no time are modified.
As of March 14, we will not receive the patch for the vulnerability of the GDI library, registered as CVE-2017-0038, those responsible for 0patch have created a patch that allows us to protect ourselves from this vulnerability while we wait for Microsoft to release its Corresponding official patch, thus being able to enjoy a more secure operating system.
To protect us, all we have to do is download the client from its main web page and install it on our computer. Once opened, it will analyze our system and apply any patches we do not have installed, such as those of this vulnerability.
If you want to know more about it check the official blog of 0Path.
learn, learning, the best security practice, ethical hacking, IT, Admin, Administrator, Server, User, Kali Linux, Phone, Download, Blog, WordPress, Free, Lab, Pentest, Pentester