With all the recent web-related security vulnerabilities in Mac and Linux, it's finally Microsoft's turn to take the blame. Make sure you protect your computer so you don't lose any domains!
A patch for Windows 7 and higher, released April 14, 2015, fixed a vulnerability known as HTTP.sys.vuln, or more formally MS15-034. The vulnerability most likely exists on earlier versions of Windows, including XP and Vista, but those versions will not be receiving patches. If you're on Windows 7 or 8.1, update! If you're still on XP, it might just be time to get a new computer. Note that antivirus software probably isn't going to help you this time, though a good firewall could mitigate some attacks. Web accounts are often targeted by widespread attacks, so make sure you enable two-factor authentication where possible. Many registrars and e-mail providers support 2FA, including Uniregistry, GoDaddy, Namecheap, Dynadot, and Google.
HTTP.sys was introduced alongside IIS 6 in the Windows XP/2003 era. It's used by many networking-related services that run on typical desktop and laptop computers, even if IIS isn't installed. I also found a variety of common third-party programs on my computers that were using it. Web servers running Windows are at the greatest risk because the web service, IIS, is deliberately exposed to the Internet; however, that doesn't mean personal computers are in the clear.
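To see which programs on your own machine are registered with HTTP.sys, the following PowerShell sketch (an added example, not part of the original post) parses the output of `netsh http show servicestate` and maps each request queue to its owning processes and URLs. It assumes English-language netsh output, and an elevated prompt may be needed to see every queue.

```powershell
# Added example: list what is registered with HTTP.sys on this machine.
# Assumption: English netsh output; labels differ on localized Windows.
$lines = netsh http show servicestate view=requestq
$queues = @(); $current = $null; $section = ''

foreach ($line in $lines) {
    $text = $line.Trim()
    if ($line -match '^Request queue name:\s*(.+)$') {
        # An unindented "Request queue name" line starts a new queue.
        $current = [pscustomobject]@{
            Queue = $Matches[1]
            Pids  = New-Object System.Collections.Generic.List[int]
            Urls  = New-Object System.Collections.Generic.List[string]
        }
        $queues += $current; $section = ''
    }
    elseif ($text -eq 'Process IDs:')     { $section = 'pids' }
    elseif ($text -eq 'Registered URLs:') { $section = 'urls' }
    elseif ($current -and $section -eq 'pids' -and $text -match '^\d+$') {
        $current.Pids.Add([int]$text)
    }
    elseif ($current -and $section -eq 'urls' -and $text -match '^https?://') {
        $current.Urls.Add($text)
    }
    elseif ($text -match ':') { $section = '' }   # any other "Key:" line ends a list
}

foreach ($q in $queues) {
    # Resolve each PID to a process name where the process is still running.
    $names = foreach ($id in $q.Pids) {
        $p = Get-Process -Id $id -ErrorAction SilentlyContinue
        if ($p) { "$($p.ProcessName) ($id)" } else { "pid $id" }
    }
    # '+' or '*' as the host matches requests for any host name on that port.
    $wild = @($q.Urls | Where-Object { $_ -match '^https?://[+*]' }).Count -gt 0
    [pscustomobject]@{
        Processes    = $names -join ', '
        WildcardHost = $wild
        Urls         = $q.Urls -join '; '
    }
}

# Version of the HTTP.sys driver currently on disk, for comparison with
# the version Microsoft lists for the update.
(Get-Item "$env:windir\System32\drivers\http.sys").VersionInfo.FileVersion
```

Any process listed here is reachable through HTTP.sys; entries with a wildcard host on a port your firewall leaves open deserve the closest look.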
Remember the Heartbleed vulnerability that gained a lot of publicity not too long ago? HTTP.sys.vuln is similar in effect to that. The first known Proof-of-Concept exploit is able to scan for vulnerable systems, and optionally induce the infamous Blue Screen of Death with a minor modification. Since then, other researchers have been able to read arbitrary memory from insecure systems. This memory could theoretically contain confidential information, such as encryption keys, passwords, or credit card numbers. If you're a domainer, this compromises the security of your entire portfolio.
Microsoft has indicated that the vulnerability may even allow remote code execution; in this case, that would mean an attacker could run anything on your computer at the most privileged level, bypassing all permissions and security software. As of April 26, there don't seem to be any attacks of this type in the wild yet, but they'll inevitably surface in the near future.
This is a good reminder that it's important to install all operating system updates at least once per week, no matter what platform you're on. It's also important to stay on a recent version of your platform of choice. This means that if you're a Windows fan, you're not using anything prior to Windows 7. Hackers typically go for low-hanging fruit, and users with software that has reached End-Of-Life are in that category. Antivirus software can't adequately protect a system that is out-of-date. Chances are you conduct a fair amount of business on the Internet, which is all the more reason to invest a little extra time in the security of your computer.