High-severity Windows security flaw enables attackers to hijack any application

clock • 2 min read

Bug affects all versions of Microsoft Windows, back from Windows XP to Windows 10

A security researcher has revealed details of a high-severity security flaw in the Microsoft CTextFramework (CTF) protocol that leaves Windows wide open to hijacking. The vulnerability affects a...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
Microsoft Windows Autopatch is now generally available for enterprise

Security Technology

It aims to relieve IT administrators of the load of monthly updates by transferring it to Microsoft

clock 12 July 2022 • 3 min read
Microsoft fixes three zero-days in March Patch Tuesday update

Threats and Risks

None of the publicly disclosed bugs appears to be actively exploited in attacks

clock 10 March 2022 • 3 min read
Chrome update addresses seven high-severity vulnerabilities

Threats and Risks

Bug details 'may be kept restricted until a majority of users are updated with a fix'

clock 23 August 2021 • 2 min read
Most read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Threats and Risks

Microsoft Patch Tuesday fixes two critical bugs

Microsoft Patch Tuesday fixes two critical bugs

Microsoft fixed 60 vulnerabilities, including 18 remote code execution flaws in its March Patch Tuesday update.

John Leonard
clock 13 March 2024 • 3 min read
Lazarus uploading malware to open-source PyPl software repository

Lazarus uploading malware to open-source PyPl software repository

Supply chain attack leaves developers in Asia at particular risk

clock 12 March 2024 • 3 min read
Patch VMware vulnerabilities, admins urged

Patch VMware vulnerabilities, admins urged

ESXi, Workstation Pro/Player, Fusion Pro/Fusion and Cloud Foundation affected

John Leonard
clock 07 March 2024 • 1 min read