Qihoo 360 Detects Oldest Vulnerability in Microsoft OS

2010-11-25 20:58 1295

BEIJING, Nov. 25, 2010 /PRNewswire-Asia/ -- Today, China's leading network security services provider, Qihoo 360, released an emergency network security warning, claiming that it has first discovered an Exploit Code of an 18-year latent high-risk 0day vulnerability that affects all Windows versions. This vulnerability named as "elder" is very likely to confront worldwide computer users with a new round of malicious attacks. However, netizens on the Chinese Mainland do not need to worry about that. 360 Safe, the flagship security software of Qihoo 360, is upgrading the temporary kernel security patches and can perfectly immunize against the security problems caused by this vulnerability.  

According to Dr. Shi Xiaohong, a security expert of Qihoo 360: "Since 1992, there has been a local privilege escalation vulnerability in the Windows operating system, through which hackers may seize the highest control of the system and easily undermine or prohibit any security software, including anti-virus software, firewall, proactive defense software, sand box and the system restore. They can also hack around the UAC protection of Windows Vista/Win7 or elevate the privilege on a server website to take control of the vulnerability network server, and directly threaten the information security of government, enterprises, Internet bars and PC users.

"This 18-year latent high-risk 0day vulnerability will affect all Windows operating system versions including Windows NT4.0, Windows 2000, Windows XP, Windows 2003, Windows Vista, Windows 7, Windows Server 2008, etc.," said Dr. Shi Xiaohong, who also claimed that the researchers in Qihoo 360 independently discovered this vulnerability at the end of October this year, and informed MSRC of the details of the vulnerability and demonstration program and assisted Microsoft to make the security patch for the vulnerability so as to solve this security problem, while Microsoft also acknowledged it was a serious privilege escalation vulnerability.

"If you liken Trojan horses to thieves sneaking into homes, then the local privilege escalation vulnerability may turn this thief into the host of your homes and do whatever it wants to do, since they can directly shut up or bypass any antitheft device you have installed. Qihoo 360's security experts suggested that previously Stuxnet has just used another Windows local privilege escalation vulnerability (CVE-2010-2743) to seize control of the system. This vulnerability first appeared in 1995 and has a latency of 15 years. In addition, in January 2010, Google's engineers also revealed an 'elder' vulnerability that existed since 1993. However, this time Qihoo 360 has discovered the "the oldest 0day vulnerability in history".

Qihoo 360 has been the first to intercept high-risk 0Day vulnerability attacks many times in China, including the vulnerabilities in IE XML, Microsoft Mpeg-2 video and Office web part, and also has received the public thanks of Microsoft for being the first to discover vulnerability in the Directshow video development Kit. The only domestic company for China's personal computer security, Qihoo 360, as the first company to independently discover this "18-year-ole 0day" vulnerability, again refreshes the records of China's security industry.

Dr. Shi Xiaohong said, "In the next 48 hours, all 360 Safe users just need to open 360 Trojan firewall with Internet connection. The 360 Safe will automatically update the temporary kernel patches directed against the vulnerability. Without any other operation, you can arm your computers with the exact immunities. Before Microsoft launches its official patch for the vulnerability, in order to protect users from the harm of this vulnerability, 360 Security Center will not disclose any technical details of the vulnerability temporarily," revealed Shi Xiaohong.

About Qihoo 360

Founded in July 2006, Qihoo 360 is the leading Internet security services provider in China. Our goal is to secure the Internet and destroy the cyber criminal ecosystem. With innovative cloud security technology and the world's largest cloud security system, Qihoo 360 discovers and defends from more than 3 millions new Trojans, plug-ins, and malwares every day, and cleans up hundreds of millions of intrusion or infection incidents. Qihoo 360 offers full-fledged, totally free-of-charge security products, such as 360 Safe, 360 Antivirus, 360 Secure Browser, 360 Safe Box, 360 Software Manager, and 360 Mobile Safe; protects Internet and mobile users; and ensures their security while online or on-the-go.

Source: Qihoo 360 Technologies Co. Ltd.