{"id":7689,"date":"2014-06-07T08:06:48","date_gmt":"2014-06-07T12:06:48","guid":{"rendered":"http:\/\/thundercloud.net\/infoave\/new\/?p=7689"},"modified":"2014-06-07T08:06:48","modified_gmt":"2014-06-07T12:06:48","slug":"is-microsoft-patching-windows-8-x-and-not-windows-7","status":"publish","type":"post","link":"https:\/\/www.thundercloud.net\/infoave\/new\/is-microsoft-patching-windows-8-x-and-not-windows-7\/","title":{"rendered":"Is Microsoft Patching Windows 8.x and Not Windows 7?"},"content":{"rendered":"<blockquote>\n<h1>Redmond is patching Windows 8 but NOT Windows 7, say security bods<\/h1>\n<h2><span style=\"color: rgb(255, 0, 0);\">New tool checks differences, could lead to 0-day bonanza<\/span><\/h2>\n<p>Microsoft has left Windows 7 exposed by only applying patches to its newest operating systems.<\/p>\n<p>Researchers found the gaps after they scanned 900 Windows libraries and uncovered a variety of security functions that were updated in Windows 8 but not in 7. They said the shortcoming could lead to the discovery of zero day vulnerabilities.<\/p>\n<p><iframe loading=\"lazy\" title=\"TROOPERS14 - What Happens In Windows 7 Stays In Windows 7 - Marion Marschalek &amp; Joseph Moti\" width=\"665\" height=\"374\" src=\"https:\/\/www.youtube.com\/embed\/s_7Cy2w2dCw?start=38&#038;feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<p>The missing safe functions were part of Microsoft&#8217;s dedicated libraries intsafe.h and strsafe.h that help developers combat various attacks.<\/p>\n<p>Researcher Moti Joseph (@gamepe) &#8211; formerly of Websense &#8211; speculated Microsoft had not applied fixes to Win 7 to save money.<\/p>\n<p>&#8220;Why is it that Microsoft inserted a safe function into Windows 8 [but not] Windows 7? 
The answer is money &#8211; Microsoft does not want to waste development time on older operating systems &#8230; and they want people to move to higher operating systems,&#8221; Joseph said in a presentation at the Troopers14 conference.<\/p>\n<p>Microsoft has been contacted for comment.<\/p>\n<p>Together with malware analyst Marion Marschalek (@pinkflawd), the duo developed a capable diffing (comparison) tool dubbed DiffRay which would compare Windows 8 with 7, and log any safe functions absent in the older platform.<\/p>\n<p>It was &#8220;scary simple&#8221;, Marschalek said, and faster than finding vulnerabilities by hand.<\/p>\n<p>[Figure: DiffRay GUI and flow chart]<\/p>\n<p>Security bods could then probe and pluck those functions to identify vulnerabilities and exploits.<\/p>\n<p>In a demonstration of DiffRay, the researchers found four missing safe functions in Windows 7 that were present in 8.<\/p>\n<p>&#8220;If we get one zero-day from this project, it&#8217;s worth it,&#8221; Joseph said&#8230;<\/p><\/blockquote>\n<h4><span style=\"text-decoration: underline;\"><em><strong><a href=\"http:\/\/www.theregister.co.uk\/2014\/06\/06\/patch_piker_redmond_means_win_8_fixes_skip_7_researchers_say\/\" target=\"_blank\">SOURCE: THE REGISTER<\/a><\/strong><\/em><\/span><\/h4>\n","protected":false},"excerpt":{"rendered":"<p>Redmond is patching Windows 8 but NOT Windows 7, say security bods New tool checks differences, could lead to 0-day bonanza Microsoft has left Windows 7 exposed by only applying patches to its newest operating systems. 
Researchers found the gaps after they scanned 900 Windows libraries and uncovered a variety of security functions that were updated in Windows\u2026 <span class=\"read-more\"><a href=\"https:\/\/www.thundercloud.net\/infoave\/new\/is-microsoft-patching-windows-8-x-and-not-windows-7\/\">Read More &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1426],"tags":[],"_links":{"self":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/7689"}],"collection":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/comments?post=7689"}],"version-history":[{"count":2,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/7689\/revisions"}],"predecessor-version":[{"id":7691,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/7689\/revisions\/7691"}],"wp:attachment":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media?parent=7689"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/categories?post=7689"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/tags?post=7689"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}