microsoft_downplays_nightmare_windows_kernel_flaw

Back to Giveaway of the Day

Giveaway of the Day Forums » Talks

microsoft_downplays_nightmare_windows_kernel_flaw

(2 posts) (1 voice)

Started 13 years ago by Anonymous
Latest reply from Anonymous

Anonymous
Unregistered

http://www.pcworld.com/article/211765/

microsoft_downplays_nightmare_windows_kernel_flaw.html?&tk=hp_fv
The bug is in the "win32k.sys" file, a part of the kernel, and exists in all versions of Windows, including XP, Vista, Server 2003, Windows 7.
"This exploit allows malware that has already been dropped on the system to bypass [UAC] and get the full control of the system,
"It's an opportunity that malware writers surely won't miss."
UAC's effectiveness has been called into question before. Last year, Microsoft modified Windows 7's UAC after a pair of bloggers reported that it could be easily disabled by attackers.
http://www.h-online.com/security/news/item/Another-zero-day-vulnerability-in-the-Windows-kernel-1142264.html
This can, for example, be used to insert a rootkit deep in the operating system. According to Prevx, the vulnerability affects both 32 and 64-bit version of Windows XP, Vista and Windows 7

Posted 13 years ago #
Anonymous
Unregistered

http://nakedsecurity.sophos.com/2010/11/25/new-windows-zero-day-flaw-bypasses-uac/

The good news? For this to be exploited, malicious code that uses the exploit needs to be introduced. This means your email, web, and anti-virus filters can prevent malicious payloads from being downloaded.

Update: Sophos detects the proof of concept as Troj/EUDPoC-A. Stay tuned for further details as they become available.

I've also created this video showing how it works and what you can do. (The Fix)

Posted 13 years ago #

RSS feed for this topic

Reply

You must log in to post.