The world continues to reel from the IT outage that affected around 8.5 million Windows devices globally.
Although fixes have returned stability after the issue with CrowdStrike software, Windows devices, especially those that have not updated in some time, remain vulnerable.
Global IT Outage
A recent IT outage, affecting millions of PCs worldwide, caused havoc in businesses, health systems and airports.
The majority of those devices are now back online, but the fallout continues as US Fortune 500 companies were reported to have lost $5.4 billion of losses during the outage.
Scale of Cyberattack Issue
Despite frequent software updates, the prevalence of cyberattacks stubbornly refuses to drop.
Cyberattacks are frequent, with a cybercrime occurring, on average, once every 39 seconds.
Importance of Updating
Once a vulnerability has been uncovered, they will usually receive a patch rapidly to the relevant device and software.
A huge number of cybercrime is only possible because the device is running older software with known bugs and hacks.
CrowdStrike Outage
Although the global IT outage came to be associated with the Microsoft Windows ‘blue screen of death’, its origins lie in CrowdStrike’s cybersecurity software.
However, Windows software itself also contains vulnerabilities, especially older versions of Windows.
“Previously Unknown” Risk
An issue present in older versions of Windows may have been there for a while, and it is impossible to tell how many users were affected.
The issue remained “previously unknown,” according to cybersecurity agencies Checkpoint and Trend Micro.
Defunct Web Browser
Most modern web browsers are more resistant to a wider range of bugs and exploits, so this method takes advantage of a workaround.
The hack opens the now-defunct internet browser, Internet Explorer, on victims’ computers, exposing their computers to Internet Explorer’s latent vulnerabilities.
Worse Than Initially Feared
The vulnerability was initially reported with comparatively less concern, but an update by Trend Micro detailed the true danger of the exploit.
It can infect the computer to “pilfer system information and sensitive data (like passwords and cookies) from various applications.”
Recognized By US Government
The threat is serious enough that it has now been recognized officially on the US government’s Known Exploit Vulnerability list.
The government said older Windows versions as having “a spoofing vulnerability that has a high impact to confidentiality, integrity, and availability.”
Vulnerability Has Been Patched
Although the vulnerability may be serious, there is an easy fix available to prevent personal information being stolen.
The exploit has been patched in the latest versions of Windows, so update your PC right now to make sure that you do not fall victim to this particular vulnerability.