Nineteen years ago, consumers were given the most innovative Windows operating system ever created: Windows 95. It helped establish a precedent for future generations of operating systems, and it is still celebrated for assisting in the progression of other Windows products that we enjoy today.
Since then, however, there has been a bug that has gone undetected and unfixed until now. IBM researchers discovered the bug in May, but had collaborated with Microsoft to remedy the matter before going public with the news this week.
According to a blog post written by IBM researcher Robert Freeman, the security flaw has been present in every single edition of Windows since 1995. The bug would allow cyber attackers to remotely control a personal computer. Moving forward, users are now being urged to download updates to solve the issue.
IBM noted that the security bug had been sitting openly for anyone to see and observe. Consumers can download the latest 14 patches in Microsoft’s security updates, and two more are expected to be released soon.
“This complex vulnerability is a rare, ‘unicorn-like’ bug found in code that IE relies on but doesn’t necessarily belong to,” wrote Freeman. “The bug can be used by an attacker for drive-by attacks to reliably run code remotely and take over the user’s machine — even sidestepping the Enhanced Protected Mode (EPM) sandbox in IE 11 as well as the highly regarded Enhanced Mitigation Experience Toolkit (EMET) anti-exploitation tool Microsoft offers for free.”
ZDNet reports that Microsoft further released a new version of Flash Player installed with Internet Explorers 10 and 11 amid problems that Adobe announced recently. Moreover, Microsoft rolled out non-security updates.
Although IBM and tech experts are doing their best in explaining the bug in laymen terms, industry professionals say that Microsoft is limiting the amount of information on the bug its giving to the public.