Researchers have recently found a local privilege escalation vulnerability in Windows 7 that could affect the millions of Windows users who haven’t updated from the version. Discovered earlier in November, the said vulnerability was spotted in Windows Server 2008 R2 and Windows 10. Devices running either of these versions of Windows will be prone to attacks that leverage this vulnerability.
0patch vulnerability patch for Windows 7
According to the security researcher who exposed the issue, problems with this local privilege, escalation vulnerability can be extreme. However, it isn’t as exploitable as the other vulnerabilities found in systems. With the right amount of Windows 7 knowledge, however, attackers can vary the Performance Monitoring System — which, given the privilege the vulnerability provides, can allow the attacker to execute any code of choice.
Long story short, this vulnerability can affect users’ privacy and resources at 100 percent strength when adequately explored, with write access to the following registry keys:
The bigger problem is that the Microsoft team won’t be doing much to help regular users at stake here. Instead, the patches, if any, would be available for corporate customers who have purchased extended support for Windows 7 or Server 2008 R2. Considering that Microsoft has moved to the era of Windows 10 and its updates, Windows 7 users will not see any Microsoft-made solution for this critical problem. This has left millions of people dependent on third-party solutions or complete upgrades from the OS.
Meanwhile, a cybersecurity company 0patch has come to the rescue. 0patch (pronounced ‘zero patch’) is a company that releases small pieces of code that can protect software products and Operating Systems from various vulnerabilities.
For instance, micro patches from 0patch are now available for Office 2010 and earlier versions of Windows. In this case, however, 0patch has decided to make the Windows 7 patch available for free.
You can now download the patch free from the official 0patch website.
Earlier, critical patches like these were available as a part of the paid subscription from 0patch. However, in this case, considering that millions of people would be affected by the problem, the company has decided to make it freely available. For millions of users who cannot update Windows 10, this change from 0patch will come as a solace.