A new critical security flaw has been found in all activated versions of Windows, from 7 through 10. The vulnerability, related to an encryption problem in the operating system kernel, allows third parties to break into PCs and control them as they wish, according to the Project Zero security team, headed by Google – which had given seven days to publish new details.
According to Microsoft, the alert should be observed with caution, since, he says, there is no evidence that the issue has been explored, also declaring that any threats are limited. The company also adds that the gap, called CVE-2020-17087, depends on another one to represent danger, CVE-2020-15999, already corrected in previous patches.
Therefore, those who keep their OSs up to date, apparently, need not worry.
Expectations and actions
The company founded by Bill Gates has not met the limit set by Project Zero, but the next package, scheduled for November 10, is expected to bring the solution. “Developing a security update is a balance between punctuality and quality,” a representative told Forbes.
Although any immediate risk must be dealt with urgently, it is necessary to take into account the reservations indicated by Microsoft. Anyway, at first, if everything is in its latest version, there is no need to panic.