Microsoft Scrambles to Fix ‘Crazy Bad’ Bug

May 09, 2017

Microsoft has updated its malware protection after two Google employees discovered what they described as "the worst Windows remote code exec in recent memory."

According to a Microsoft security statement released after the revelation, a hacker who successfully exploited the vulnerability could "take control of the system." The attacker would have the ability to install programs, view, amend or delete data and even create new accounts "with full user rights." Vulnerability researcher Tavis Ormandy, who co-discovered the bug, tweeted Saturday that it was "crazy bad."

In response to the news about Windows' vulnerability, the Microsoft Security Response Center released a malware protection engine update to counteract the problem within days. Ormandy tweeted that it was "an amazing response," adding: "That was incredible work."

He later tweeted that he was "still blown away" at the speed at which Microsoft (msft) dealt with the problem.

All products and services featured are based solely on editorial selection. FORTUNE may receive compensation for some links to products and services on this website.

Quotes delayed at least 15 minutes. Market data provided by Interactive Data. ETF and Mutual Fund data provided by Morningstar, Inc. Dow Jones Terms & Conditions: S&P Index data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. Terms & Conditions. Powered and implemented by Interactive Data Managed Solutions