Security researchers from SafeBreach labs have published the code for software that can roll back Windows to reopen old security vulnerabilities. Microsoft hasn’t fully addressed the issue.
In a nutshell: Researchers have developed a cyberattack that reverses Windows security updates to exploit previously patched vulnerabilities. Although they cannot deploy the malware remotely, users should observe standard security practices, even on fully updated operating systems. Microsoft has released a detailed guide for minimizing the risk of a downgrade attack as the company develops a more comprehensive solution.
Security researchers from SafeBreach labs have published the code for software that can roll back Windows to reopen old security vulnerabilities. Microsoft hasn’t fully addressed the issue yet, but instituting a strict revocation policy can help defend against it until a proper fix is available.
