…“The vulnerable driver ships with every version of Windows, up to and including Server 2025,” Adam Barnett, lead software engineer at Rapid7, said. “Maybe your fax modem uses a different chipset, and so you don’t need the Agere driver? Perhaps you’ve simply discovered email? Tough luck. Your PC is still vulnerable, and a local attacker with a minimally privileged account can elevate to administrator.”…
That’s still a lot of people that use that damn driver. I know at least in medical billing there’s always someone still using a damn fax machine. Almost every claim passes through fax technology at some point, although more and more of it is being emulated.
Where I work, it’s used mostly by emergency rooms that don’t want to use anything else.
This is not an environment where you want an exploit.
Time to move that paper hybrid system to a full EHR.