Microsoft fixes 19-year-old Windows bug

Microsoft Corp issued patches on Tuesday to fix a bug in its Windows operating system that remained undiscovered for 19 years. The bug can be used to remotely control a PC, therefore Windows users are urged to immediately download new security updates on their machines. IBM Corp’s cybersecurity research team discovered the bug in May, describing it as a “significant vulnerability” in the operating system. IBM said the bug can be used by an attacker for drive-by attacks to reliably run code remotely and take over the user’s machine – even sidestepping the Enhanced Protected Mode.

The buggy code is at least 19 years old and has been remotely exploitable for the past 18 years.

an IBM statement