Comment

Comment on Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

paraphrand@lemmy.world ⁨1⁩ ⁨month⁩ ago

It’s interesting that this supposedly goes back to Windows 3.1?

source

Sort:hotnew top

SnotFlickerman@lemmy.blahaj.zone ⁨1⁩ ⁨month⁩ ago
Other articles make more clear why that is.

cyberpress.org/windows-agere-modem-driver-0-day-f…

Rather than issuing a traditional patch for each vulnerability, Microsoft’s October cumulative update completely removes the ltmdm64.sys driver from affected systems.

As a result, all fax modem hardware relying on the Agere Modem driver will cease to function. While mail and messaging over IP have largely supplanted analog modems, some industrial and legacy applications still depend on fax modems.

Organizations must therefore audit their environments for any remaining modem dependencies and either migrate to supported alternatives or implement workarounds where available.

Microsoft’s advisory explicitly recommends that customers eliminate any reliance on the deprecated hardware to avoid service disruptions.

So maybe not all the way back to the original release, but back to the first release that included this specific telephony modem driver, ltmdm64.sys. If I recall correctly, Windows 3.1 brought networking capabilities.

However, another article claims it has only been shipped with every version of Windows since 2006.

thestack.technology/windows-users-hacked-due-to-l…

CVE-2025-24990 was credited to a security researcher going by the handle @shitsecure who told The Stack by DM “it’s a driver from 2006, never changed… I think it was historically shipped with everything, although that doesn’t make sense at all.”

source
- paraphrand@lemmy.world ⁨1⁩ ⁨month⁩ ago
  Thanks for the details!
  
  I wonder how often they clean stuff up like this. That crossed my mind earlier, I’m sure there is a bunch of “dormant” software that could be cleaned out or made optional in some way.
  
  I’m sure the making it optional idea is easier said than done. Especially from a standpoint of discoverability and usability.
  
  source
  - SnotFlickerman@lemmy.blahaj.zone ⁨1⁩ ⁨month⁩ ago
    Right, it was referenced in one of the articles that a bunch of legacy industrial machines likely still use this hardware, so they’re probably going to have to go dig up PCI modems from that era without the Agere/Lucent chipset.
    
    source
    adespoton@lemmy.ca ⁨1⁩ ⁨month⁩ ago
    People using that legacy hardware generally can’t run Windows 10, which just ended support this month. The patch is only for Windows 11, which won’t run on older hardware.
    
    source
    -> View More Comments
- muusemuuse@sh.itjust.works ⁨1⁩ ⁨month⁩ ago
  That’s still a lot of people that use that damn driver. I know at least in medical billing there’s always someone still using a damn fax machine. Almost every claim passes through fax technology at some point, although more and more of it is being emulated.
  
  Where I work, it’s used mostly by emergency rooms that don’t want to use anything else.
  
  This is not an environment where you want an exploit.
  
  source
  - GaryGhost@lemmy.world ⁨1⁩ ⁨month⁩ ago
    Time to move that paper hybrid system to a full EHR.
    
    source
- floquant@lemmy.dbzer0.com ⁨1⁩ ⁨month⁩ ago
  Are there any figures for how widespread that Agere chip is? I wonder if any German companies are going to be bit in the aas by this lol
  
  source
EndlessNightmare@reddthat.com ⁨1⁩ ⁨month⁩ ago
I was curious about the “every version ever shipped.”

This gets really old school.

source
Agent641@lemmy.world ⁨1⁩ ⁨month⁩ ago
Personally I blame Dave Plummer.

source
87Six@lemmy.zip ⁨1⁩ ⁨month⁩ ago
Ah yes the 0-decade vulnerability…

Boi will I miss the ever-encompasing shield of Microsoft when my Windows 10 stops receiving updates…

source
Delta_V@lemmy.world ⁨1⁩ ⁨month⁩ ago
makes you wonder if/how/by who its been used all these years

source
- deathbird@mander.xyz ⁨1⁩ ⁨month⁩ ago
  I expect it’s stuff like ATMs, Coinstar machines. Things that may need to phone home regularly but don’t need to sit online constantly.
  
  source