Check Point Software Technologies has discovered six new vulnerabilities in Microsoft Windows, including one critical flaw with potentially far-reaching consequences.
According to the cybersecurity firm, these issues could lead to system crashes, arbitrary code execution, or the leakage of sensitive data.
Check Point confidentially reported the findings to Microsoft, which then rolled out the necessary security updates on Patch Tuesday on August 12th . What’s striking, according to the cybersecurity firm, is that one of the vulnerabilities is likely the first publicly documented flaw in a Rust-based component of the Windows kernel. “This raises important questions about the limits of memory safety in modern software,” the researchers stated.
No watertight guarantees
The Windows kernel is the core layer of Microsoft’s operating system. The flaw in question could cause a complete system crash, requiring a hard reboot and immediately taking users offline.
The introduction of Rust in Windows was intended to improve system security. In this case, the problem arose because Rust detected an underlying problem but failed to isolate it, resulting in a system-wide crash.
“In companies with many workstations or remote workers, this is a significant risk,” Check Point states. “Attackers could theoretically shut down multiple systems in a single fell swoop, leading to widespread outages and high costs. This issue demonstrates that even modern security technologies like Rust don’t offer foolproof security.”
Be First to Comment