• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
public exploit released for windows 10 bug

Public Exploit Released for Windows 10 Bug

You are here: Home / Latest Cyber Security Vulnerabilities / Public Exploit Released for Windows 10 Bug
January 31, 2022

The vulnerability has an effect on all unpatched Windows 10 versions following a messy Microsoft January update.

Security teams might have skipped January’s Patch Tuesday right after reports of it breaking servers, but it also provided a patch for a privilege-escalation bug in Windows 10 that leaves unpatched systems open up to destructive actors on the lookout for administrative entry.  It is a bug that now has a evidence-of-idea exploit obtainable in the wild.

The exploit was introduced by Gil Dabah, founder and CEO of Privacy Piiano, who tweeted that he made a decision not to report the bug two many years back soon after finding it complicated to get compensated on other bug bounties via the Microsoft system.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Observed it two yrs ago. Not just lately. That’s the position. https://t.co/PtRuNDAEYQ

— Gil Dabah (@_arkon) January 26, 2022

The LPE Bug

“A nearby, authenticated attacker could obtain elevated community program or administrator privileges via a vulnerability in the Win32k.sys driver,” Microsoft spelled out in it is advisory, component of January’s Patch Tuesday updates.

The disclosure for CVE-2022-21882 from RyeLv, who is attributed with the come across, was posted on Jan. 13 and described the gain32k item sort confusion vulnerability.

“The attacker can connect with the appropriate GUI API at the consumer_method to make the kernel connect with like xxxMenuWindowProc, xxxSBWndProc, xxxSwitchWndProc, xxxTooltipWndProc, etcetera.,” the disclosure by RyeLV said.

“These kernel features will set off a callback xxxClientAllocWindowClassExtraBytes. Attacker can intercept this callback through hook xxxClientAllocWindowClassExtraBytes in KernelCallbackTable,and use the NtUserConsoleControl method to set the ConsoleWindow flag of the tagWND object, which will modify the window type.”

The bug was remaining exploited by subtle groups as a zero-working day issue, Microsoft reported.

Regarding the just-preset CVE-2022-21882: acquire32k privilege escalation vulnerability,CVE-2021-1732 patch bypass,effortless to exploit,which was utilized by apt attacks

— b2ahex (@b2ahex) January 12, 2022

Microsoft Requirements to Up It’s Bug Bounty Match?

January’s Patch Tuesday was plagued by Windows server update issues that could have understandably made internal security teams pause before downloading the patches. But a PoC is now readily available for the bug, putting exploitation in reach of cybercriminals of all degrees of know-how.

Dabah explained that Microsoft’s bug-bounty system was problematic.

The motive I didn’t disclose it, was since I waited to get paid out by Msft for prolonged time for other stuff. By the time they compensated they lowered awards to nothing at all practically. I was previously hectic with my startup and that’s the story how it went unfixed. @ja_wreck https://t.co/PtRuNDAEYQ

— Gil Dabah (@_arkon) January 28, 2022

 

Investing in the program was the principal advice in RyeLv’s complex analysis to Microsoft.

He pointed out how to “kill the bug class”: “Improve the kernel zero-working day bounty, permit a lot more security researchers take part in the bounty program, and enable the technique to be extra fantastic.”

It need to be mentioned that Microsoft has been willing to toss additional funding at bug-bounty programs for other substantial-profile products, which includes past spring’s announcement the company would pay out up to $30,000 for Groups bugs.

The computing big did not straight away return a request for remark.

Test out our free upcoming live and on-desire online town halls – special, dynamic discussions with cybersecurity gurus and the Threatpost community.


Some elements of this write-up are sourced from:
threatpost.com

Previous Post: «Cyber Security News Aussie Tech Entrepreneur Extradited Over SMS Fraud
Next Post: Behind The Buzzword: Four Ways to Assess Your Zero Trust Security Posture behind the buzzword: four ways to assess your zero trust»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Enzo Biochem Hit by Ransomware, 2.5 Million Patients’ Data Compromised
  • US and Korean Agencies Issue Warning on North Korean Cyber-Attacks
  • Malicious PyPI Packages Use Compiled Python Code to Bypass Detection
  • New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America
  • The Importance of Managing Your Data Security Posture
  • Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
  • Insurers Predict $33bn Bill for Catastrophic “Cyber Event”
  • Chinese Phishing Gang “PostalFurious” Expands Campaign
  • Kaspersky Says it is Being Targeted By Zero-Click Exploits
  • North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

Copyright © TheCyberSecurity.News, All Rights Reserved.