434
Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped
(thehackernews.com)
this post was submitted on 15 Oct 2025
434 points (99.3% liked)
Technology
76089 readers
2408 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Nope, 0-day means it was exploited in the wild before the company knew about it. Basically, the company had to rush to patch it because it was already being exploited. It means black-hat hackers found it and exploited it before the white/grey-hat hackers reported it. If white-hat hackers found it first, they’d have already alerted the company and given time to patch it before they announced the vulnerability. But since the black-hat hackers found it first, it was a 0-day.
0-day patches are often a bodge, at best. They often consist of “just disable the vulnerable component entirely” to give the company time to work on a more long-term solution. And that’s exactly what happened here. MS didn’t take time to actually fix the driver; They just ripped it out and said “sucks if you needed it. It’s gone now.”