Security experts constantly warn about the dangers of using unsupported operating systems. The moment a crack is found in them, Microsoft will no longer issue a patch. In this case, even the best antivirus program will no longer protect against attackers on an unsupported platform.
–
How dangerous it is, the server Bleeping Computer has now pointed out, which has described in detail a new vulnerability in Windows 7. Although this system is no longer supported, it is still used by 11.54% of people, so sevens are running on roughly every tenth computer. That’s a bigger share, by the way, than the latest elevens, which run on 10.96% of machines.
–
The mentioned vulnerability concerns the Calculator application (calc.exe), which has always been pre-installed in the operating system since the days of the first Windows. However, the crack seems to only affect sevens, in the newer Windows 10 and 11 the calculator cannot be misused by attackers.
–
The flaw can be exploited by attackers to inject virtually any malicious code into a compromised machine. Through it, they can access stored data, spy on the user’s work, push him fake websites, remotely control the enslaved assembly, or even block the entire machine and encrypt the stored data. They will then demand money for making them available.
–
A backdoor to a compromised system
Hackers behind the infamous QBot Trojan virus are already actively exploiting the discovered crack, according to Bleeping Computer. All they need for a successful attack is to get a fake library (DLL) together with a fake calc.exe application on the victim’s computer. They can do this, for example, through unsolicited e-mails, but malicious code can also be placed on fake websites.
–
The fake calc.exe file then replaces the real Calculator and connects to the QBot Trojan. This basically works as a backdoor to the attacked machine, with which the attackers can then do whatever they like.
–
Historically, the calculator has not been massively abused for attacks. It is a fixed part of Windows, this application is generally considered to be trusted. But because of this, the security software may not detect the threat correctly.
–
If people are already using Windows 7, they should be very careful about suspicious attachments in emails and before visiting or downloading any files from unknown websites.
—
