Microsoft is focusing on Windows 10 operating system and as the company’s full focus is on the new Windows, Microsoft is ignoring Windows 7 and the users are left vulnerable. All older versions of Windows are vulnerable to hackers and Google claims that the patches that are being released to Windows 10 are revealing the security flaws in Windows 7.
Google has explained that when Microsoft releases security updates for Windows 10, at the same time they should also update the older versions of Windows operating system. Microsoft is actually patching Windows 10 first and later the older versions of Windows, as a result it is easy to hack Windows 7 because Microsoft has already revealed the vulnerability with Windows 10 patch.
Google Project Zero researcher Mateusz Jurczyk explained that hackers can easily find the updated code and find ways to exploit old Windows operating system. The ultimate solution is to release patches for all supported versions of Windows together.
“This creates a false sense of security for users of the older systems, and leaves them vulnerable to software flaws which can be detected merely by spotting subtle changes in the corresponding code in different versions of Windows,” Google’s security expert explained.
Google’s Mateusz Jurczyk also tested the above theory to discover the vulnerabilities in Windows and he was successful. He also claims that even the normal hackers can exploit old Windows system as it is not really difficult.
“We hope that these were some of the very few instances of such “low hanging fruit” being accessible to researchers through diffing, and we encourage software vendors to make sure of it by applying security improvements consistently across all supported versions of their software,” he added.
Microsoft spokesperson advises the users to use Windows 10 as it is being updated on a regular basis, he also notes that Microsoft is committed to investigating the reported security issues and they will release the new updates to address the vulnerabilities. The spokespersons also recommend Microsoft Edge over any web browser for best protection.
“Windows has a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as possible. Additionally, we continually invest in defense-in-depth security and recommend customers use Windows 10 and the Microsoft Edge browser for the best protection,” Microsoft’s spokesperson said.