Microsoft patches Sandworm vulnerability

Victor Barreiro Jr.

This is AI generated summarization, which may have errors. For context, always refer to the full article.

Microsoft patches Sandworm vulnerability
The vulnerability allows for someone to remotely execute code on another's computer if a user opens a compromised file with a specially crafted OLE object

MANILA, Philippines – Microsoft released a security update Tuesday, October 14, patching a zero-day vulnerability in Windows operating systems that could allow an attacker to gain access to Windows PCs.

The vulnerability, formally called CVE-2014-4114, allows for “remote code execution if a user opens a file that contains a specially crafted OLE object,” such as a compromised Powerpoint file.

Microsoft notes the following operating systems as being affected by Sandworm:

  • Windows Vista – Service Pack 2, including standard and x64 versions
  • Windows Server 2008 – Service Pack 2, including x32, x64 and Itanium-based versions
  • Windows 7 – Service Pack 1 for x32 and x64 versions
  • Windows Server 2008 R2 – Service Pack 1 for x64 and Itanium-Based versions
  • Windows 8 and 8.1 – includes 32-bit and x64 versions
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows RT and RT 8.1

Users of the following OS types should check for updates to their systems and patch accordingly. – Rappler.com

Add a comment

Sort by

There are no comments yet. Add your comment to start the conversation.

Summarize this article with AI

How does this make you feel?

Loading
Download the Rappler App!
Person, Human, Sleeve

author

Victor Barreiro Jr.

Victor Barreiro Jr is part of Rappler's Central Desk. An avid patron of role-playing games and science fiction and fantasy shows, he also yearns to do good in the world, and hopes his work with Rappler helps to increase the good that's out there.