\
Anyone running Windows 7 could be at risk of zero day attacks according to researchers. Moti Joseph together with malware analyst Marion Marschalek developed a tool which they used to compare hundreds of libraries built into Windows 8 with their Windows 7 counterparts. The pair found that a number of security functions has been updated in Windows 8, but remain untouched in Windows 7.
\
\
\
Marschalek said it was “scary simple” to develop the comparison tool, and there is no reason that something similar could not be created by someone else. It would then be a very simple matter of analyzing the functions that had changed between the two operating systems to exposed vulnerabilities in Windows 7.
\
Four “safe functions” were found to be missing from Microsoft’s dedicated libraries intsafe.h and strsafe.h, according to The Register. At the TROOPERS14 security conference a demonstration was given of the DiffRay tool, and you can see it in the following video:
\
\
Joseph speculated that Microsoft had not updated the files in Windows 7 in a bid to save money. “Microsoft does not want to waste development time on older operating systems […] they want people to move to higher operating systems”.
\
\
\
Support has now officially ended for Windows XP — unless you’re a government organization willing to pay — but there is still a good deal of life left in Windows 7, which make this discovery all the more surprising.
\
Microsoft has yet to comment on the revelations.
\
