Microsoft has applied patches to Windows 8 files but left Windows 7 vulnerable

By | June 8, 2014

Many of you who are using Windows 7  have written to us asking if  you should upgrade to Windows 8.x in light of the recent revelations that Microsoft has released fixes for Windows 8 for zero-day vulnerabilities but not for Windows 7.

According to Microsoft, Windows 7 with Service Pack One (SP1) will be supported until January 14, 2020 (extended support). This begs the question: Why is Microsoft releasing critical updates and patches for Windows 8.x but not for the still fully supported Windows 7 SP1? Some say money, some say to stimulate sales of its worst selling operating system (Windows 8.x) since Windows ME, but we don’t know. W’e’re not going to guess. I’m not a big Microsoft fan anymore but I think we should wait for them to respond to this before we all jump to conclusions.

Our job is to keep you informed. Most times on this site, we feature articles we feel you’ll find interesting and informative. Sometimes we throw in an article we know is controversial to stimulate discussion as well as to inform. We are not sure where this article fits in; it’s controversial, no doubt, it’s also informative. We are sure you’ll see many more articles about this in the coming days in main stream media — like CNN,  “USA Today” and FOX News. Unfortunately, sometimes what those media services report isn’t exactly free from hyperbole with a little opinion slant too.

Let’s all give Microsoft a chance to respond before we think about filing class-action lawsuits, move to Apple, or buy Windows 8.x. We need to wait and see what Microsoft has to say about this — or until there is a wide-spread zero-day attack on Windows 7 which can be provably attributed to Microsoft’s actions or lack thereof.

Microsoft has applied patches to Windows 8 files but left Windows 7 vulnerable

Anyone running Windows 7 could be at risk of zero day attacks according to researchers. Moti Joseph together with malware analyst Marion Marschalek developed a tool which they used to compare hundreds of libraries built into Windows 8 with their Windows 7 counterparts. The pair found that a number of security functions has been updated in Windows 8, but remain untouched in Windows 7.

Marschalek said it was “scary simple” to develop the comparison tool, and there is no reason that something similar could not be created by someone else. It would then be a very simple matter of analyzing the functions that had changed between the two operating systems to exposed vulnerabilities in Windows 7.

Four “safe functions” were found to be missing from Microsoft’s dedicated libraries intsafe.h and strsafe.h, according to The Register. At the TROOPERS14 security conference a demonstration was given of the DiffRay tool, and you can see it in the following video:

Joseph speculated that Microsoft had not updated the files in Windows 7 in a bid to save money. “Microsoft does not want to waste development time on older operating systems […] they want people to move to higher operating systems”.

Support has now officially ended for Windows XP — unless you’re a government organization willing to pay — but there is still a good deal of life left in Windows 7, which make this discovery all the more surprising.

Microsoft has yet to comment on the revelations.

SOURCE: WinBeta

5 thoughts on “Microsoft has applied patches to Windows 8 files but left Windows 7 vulnerable

  1. Deanna Baugh

    What happened to google coming out with an operating system? Dang, I wish they would!!!!
    It would blow Microsoft away and that needs to happen NOW!

    Reply
    1. infoave Post author

      Actually Google has two: One is called Chrome OS (you can find it on all Chromebooks) and the other is Android which is on over 50% of all the world’s tablets and smart phones. Android-powered laptops and desktops are rumored to be coming later this summer.

      Reply
  2. Patricia McCosker

    When my hard drive and mother board had to be replaced recently I was forced to accept Windows 8.1 which came with their replacements…To say that I hate it is an understatement, but I read somewhere that early in the New Year we can expect Windows 9 which will be much easier to use and contain many of the elements we loved in Windows XP. I am wondering if anyone can tell me if this is true

    Reply
  3. Muriel.S

    I’ve noticed the only Win7 updates are the definitions for Windows Defender. That doesn’t make me feel very
    comfortable about Microsoft providing PROPER support for Win7 ’til 2020. I’m really suspicious that Microsoft would do ANYTHING to force people to Win8xxxxx, even if it meant sabotaging Win7 (and it’s users)
    through withholding security updates. i certainly hope I’m wrong, but it doesn’t look that way to me.
    Having a Microsoft OS without constant volumes of updates is very un-Microsoft.

    Reply
  4. Cathy

    Thank you . Now I am getting updates since you posted this. Thank you.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *