14 DAY TRIAL // Security vendor Kaspersky has warned today that an old vulnerability in Windows, which has already been patched by Microsoft, is being actively exploited right now by cybercriminals worldwide, so customers should accelerate their patching process to make sure they’re secure.
Flagged by Microsoft as CVE-2010-2568, the vulnerability was being used by hackers in cyber attacks against Iran’s nuclear program and was first reported to the software giant in 2010, with a patch released soon after that.
“Despite this, Kaspersky Lab detection systems are still registering tens of millions of detections of CVE-2010-2568 exploits. Over the study period, more than 50 million detections on more than 19 million computers worldwide were recorded,” Kaspersky explains.
According to the same report, the vulnerability affects all Windows versions on the market with the exception of Windows 8 and 8.1, but given the fact that the majority of users are now running Windows XP and 7, it’s critical to patch these systems as soon as possible.
As for the causes that are making exploits possible, Kaspersky says that “it is an error in processing tags in Windows OS enabling the download of random dynamic library without the user’s awareness.”
Hackers could thus drop malware on vulnerable computers, which could be then used in new attacks or for spreading malware to even more systems that are yet to be patched.
“The first malware exploiting this vulnerability was registered in July 2010. The worm Sality uses this vulnerability to distribute its own code: Sality generates vulnerable tags and distributes them through the LAN. If a user opens a folder containing one of these vulnerable tags, the malicious program immediately begins to launch. After Sality and Stuxnet this vulnerability was used by the well-known Flame and Gauss spyware,” Kaspersky explains.
At this point, computers in Vietnam, China, and India are said to be the most vulnerable to attacks because the patch released by Microsoft in 2010 is yet to be installed on these systems.
“Vietnam (42.45%), India (11.7%) and Algeria (5.52%) are among the leaders for the number of Kaspersky Lab detections of one of the most dangerous Windows vulnerabilities currently known. Interestingly, according our research, the outdated XP OS is also widely used in all these countries,” it says.
Of course, the popularity of Windows XP is still causing issues, as 25 percent of the world’s desktop computers are still said to be running this particular operating system. Microsoft stopped providing support for Windows XP in April 2014, so no other updates and security patches are being released for this OS version. The old CVE-2010-2568 fix is however available via Windows Update.