Windows Update: Microsoft Releases Patch For Security Flaw

PHOTO: Microsoft CEO Satya Nadella delivers his keynote address at Microsoft Build in San Francisco, April 29, 2015. Robert Galbraith/Reuters
Microsoft CEO Satya Nadella delivers his keynote address at Microsoft Build in San Francisco, April 29, 2015.

Microsoft has released a critical patch for a security flaw found in Windows that could allow hackers to take complete control of a user's machine.

Classed as a critical vulnerability, Microsoft's highest rated threat, the company said in a security bulletin "an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."

The vulnerability affects Windows Vista, Windows 7, Windows 8 and 8.1 and Windows RT, according to a security bulletin posted by Microsoft.

Windows XP Support Expires

Apple Releases iOS Update

From Clippy to Cortana, Microsoft Tries to One-Up Competitors

The ruse works when a user opens an infected document or goes to a website with malicious OpenType fonts, which are a font file type created by Adobe and Microsoft. The vulnerability is believed to infect as many as one billion PCs around the world.

The security hole was discovered by researchers from FireEye and Google's Project Zero security squad, who looked through documents leaked online after Italian surveillance company Hacking Team was the target of an attack earlier this month.

If a user does not have automatic updates enabled, Microsoft allows for the patch to be downloaded by visiting the "affected software" section on its security page.

The fix comes an important time for Microsoft as the company prepares to roll out Windows 10 beginning on July 29.

Comments