Microsoft Patching 17-year-old Windows/DOS Bug

Last month we reported that Tavis Ormandy, a security researcher at Google, discovered a security flaw in the Virtual DOS Machine that can allow a nefarious user to inject code into the kernal and possibly install malware.

The flaw spanned iterations of Windows operating system over the last 17 years, including:

  • Windows 2000
  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7

According to the BBC, Microsoft will be rolling out a fix to this bug in a February Security Update. The update will fix five vulnerabilities that allow attackers to hijack a Windows PC and run their own programs on it.

The patch is expected to hit on Tuesday, February 9 but it's a good idea to have automatic updates turned on so that your OS will do the checking for you.

Create a new thread in the UK News comments forum about this subject
This thread is closed for comments
Comment from the forums
    Your comment
  • padlius
    It looks that all MS staff does is eat and shit, never checks old console. Bill could hire a team which would work on patches. Come on Microsoft.
  • wild9
    The original bug was called DOS. The latest patch for it is called Windows 7.
  • DonJuan2000
    come on, Dos 6.22, almost the most stable S.O. in the world !! :)