– Microsoft finally fixes 19-year-old ‘rare, unicorn like’ bug (RT, Nov 12, 2014):
The Microsoft Corporation has finally sorted out a bug that has plagued its Windows operating system undetected for the last 19 years.
The bug was present in every version of Microsoft Windows from Windows 95 onwards, and allows a remote user to take over and control a computer.
The bug allowed any attacker to run code remotely whenever a user visited a malicious website. IBM researcher Robert Freeman described the bug as a “rare, ‘unicorn-like’ bug found in code that IE (Internet Explorer) relies on but doesn’t necessarily belong to.”
Microsoft has now produced patches which it began issuing on Tuesday to fix the bug. The cyber-security team of IBM, which produces the hardware for Microsoft software, discovered the bug in May and said it was a “significant vulnerability” in the operating system.
“The bug can be used by an attacker for drive-by attacks to reliably run code remotely and take over the user’s machine,” Freeman wrote in a blog post.
However, IBM also warned there could still be other undetected bugs out there.