Anyone running Windows 7 could be at risk of zero day attacks according to researchers. Moti Joseph together with malware analyst Marion Marschalek developed a tool which they used to compare hundreds of libraries built into Windows 8 with their Windows 7 counterparts. The pair found that a number of security functions has been updated in Windows 8, but remain untouched in Windows 7.
Marschalek said it was “scary simple” to develop the comparison tool, and there is no reason that something similar could not be created by someone else. It would then be a very simple matter of analyzing the functions that had changed between the two operating systems to exposed vulnerabilities in Windows 7.
Four “safe functions” were found to be missing from Microsoft’s dedicated libraries intsafe.h and strsafe.h, according to The Register. At the TROOPERS14 security conference a demonstration was given of the DiffRay tool, and you can see it in the following video:
Joseph speculated that Microsoft had not updated the files in Windows 7 in a bid to save money. “Microsoft does not want to waste development time on older operating systems […] they want people to move to higher operating systems”.
Support has now officially ended for Windows XP — unless you’re a government organization willing to pay — but there is still a good deal of life left in Windows 7, which make this discovery all the more surprising.
Microsoft has yet to comment on the revelations.
