10:20 0day vulnerability in the current OS from microsoft | |
| 24th November was disclosed 0day vulnerability that affects all the most popular current operating systems Windows, namely Windows XP, Vista, 7, and Windows Server 2008. At the moment, are under attack, even a system with all security updates, both 32-bit and 64-bit edition. Technical details have been published on the Chinese forum and have led to speculation that hackers will soon begin full swing exploit the vulnerability. Exploit uses a bug in the file win32k.sys, entering into the core of Windows, and is the result of the fact that the call API NtGdiEnableEUDC unable to verify the user input for malicious content. Attackers can exploit this bug to overwrite the return addresses on malicious code, which is then executed in privileged mode. As a result, the gap allows the user or process, even with limited privileges to execute code with elevated privileges. By its nature, an exploit to circumvent the protection afforded by technology UAC (User Account Control), is present in Windows Vista and Windows 7. Use for an account that does not have administrator rights, respectively, also did not save. It is worth noting that currently exploit properly works not on all versions of the kernel - in some cases a BSOD, but perhaps a potential attacker will not be difficult to modify it to work on other versions. Kaspersky Lab exploit is detected as Exploit.Win32.EUDCPoC.a. Representatives of Microsoft said that they are aware of the problem and engaged in its study. This vulnerability is already the second 0day bug in the Microsoft products over the last month - had previously been discovered vulnerability in Internet Explorer. | |
|
| |
| Total comments: 0 | |