…“The vulnerable driver ships with every version of Windows, up to and including Server 2025,” Adam Barnett, lead software engineer at Rapid7, said. “Maybe your fax modem uses a different chipset, and so you don’t need the Agere driver? Perhaps you’ve simply discovered email? Tough luck. Your PC is still vulnerable, and a local attacker with a minimally privileged account can elevate to administrator.”…
People have probably been sitting on exploits for months or longer. There will probably be another wave after the 1 year extended support ends.
If I remember correctly, MS still pushed some critical patches to Win7 after the support ended as they realized 1/3 of world’s computers turning into botnets is probably not in their interests.
Wow, that’s hilarious.