[Fix] Vulnerability on 32-bit Windows 7

Some days ago I was going through some article fixing the error on windows 7….but suddenly I got an article about the 17- year old EoP (Elevation of Privilege) Vulnerability that is still surviving in our Operating system with a multiple iteration of  platform. It is the case of the BIOS calls in the virtual 8086 mode monitor code which was introduced in Windows NT 3.1, released in 1993 and that is surviving till this day in Windows 7. In this regard, Microsoft has confirmed information made Public detailing a vulnerability contained in every release of the Windows NT kernel and dating back 17 years.

The Redmond company released Security Advisory 979682 to help customers mitigate the vulnerability until a patch is made available. The Windows NT #GP Trap Handler security hole, discovered and documented by Google engineer Tavis Ormandy, can potentially allow an attacker to elevate an existing account on a 32-bit (x86) Windows machine to full administrative privileges. This is nothing more than an Elevation of Privilege (EoP) vulnerability affecting the Windows kernel. It only impacts versions of 32-bit Windows, including XP, Vista and Windows 7. 64-bit (x64) Windows flavors are in no way affected.

User must not panic on this vulnerability because the risk associated with this vulnerability is extremely low. It is critical to note and the flaw cannot be exploited remotely. An attacker would already have to have access to a windows computer containing a vulnerable version of the operating system. Moreover, the attacker would also need access to an account on that computer.

so to help mitigate exploit of this vulnerability, users who do not require NT virtual DOS mode (NTVDM) or support for 16-bit application can disable the NTVDM. Here the steps necessary to disable the NTVDM subsystem.

1. Click Start—>Run—> type gpedit.msc n click on ok

this will open the Group Policy Console

2. Expand the Administrative Templates folder, and then click Windows Componets.

3. Click the Application Compatibility folder

4. In the details panel, Double click the Prevent access to 16-bit application policy setting. By default, this is set to Not Configured.

5.Change the policy setting to Enable, and then click OK.

Note:- After this User are not able to run 16-bit application….but still user want to use 16 bit application do similar process but at last click on disable on policy setting.

One Comment

Add a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.