The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Windows Zero Day Still Circulating After Faulty Fix

Windows Zero-Day Still Circulating After Faulty Fix

The LPE bug could allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights.

A high-severity Windows zero-day that could lead to complete desktop takeover remains dangerous after a “fix” from Microsoft failed to adequately patch it.

The local privilege-escalation bug in Windows 8.1 and Windows 10 (CVE-2020-0986) exists in the Print Spooler API. It could allow a local attacker to elevate privileges and execute code in the context of the current user, according to Microsoft’s advisory issued in June. An attacker would first have to log on to the system, but could then run a specially crafted application to take control of an affected system.

“The vulnerability exists because the Windows kernel fails to properly handle objects in memory,” the company explained. “An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

The bug rates 8.3 out of 10 on the CVSS vulnerability-severity scale.

From a more technical standpoint, “the specific flaw exists within the user-mode printer driver host process splwow64.exe,” according to an advisory from Trend Micro’s Zero Day Initiative (ZDI), which reported the bug to Microsoft last December. “The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer.”

The bug remained unpatched for six months. Meanwhile, Kaspersky observed it being exploited in the wild in May against a South Korean company, as part of an exploit chain that also used a remote code-execution zero-day bug in Internet Explorer. That campaign, dubbed Operation Powerfall, was thought to be initiated by the advanced persistent threat (APT) known as Darkhotel.

Microsoft’s June update included a patch that “addresses the vulnerability by correcting how the Windows kernel handles objects in memory.” However, Maddie Stone, a researcher with Google Project Zero, has now disclosed that the fix was faulty, after Microsoft failed to re-patch it within 90 days of being alerted to the problem.

“Microsoft released a patch in June, but that patch didn’t fix the vuln,” she tweeted on Wednesday. “After reporting that bad fix in Sept. under a 90-day deadline, it is still not fixed.”

She added, “The original issue was an arbitrary pointer dereference which allowed the attacker to control the src and dest pointers to a memcpy. The ‘fix’ simply changed the pointers to offsets, which still allows control of the args to the memcpy.”
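As an added illustration of the pattern Stone describes, and not code from this article, Microsoft, ZDI or Project Zero, the constructed C fragment below models a privileged handler that copies data inside a fixed buffer on behalf of a less trusted client. The buffer `shared_buf`, the request struct `copy_req_t` and both handler functions are hypothetical. It shows why replacing client-supplied pointers with client-supplied offsets is not a fix on its own: without a bounds check the client still chooses both memcpy arguments. The checked handler validates the request first, written so that `offset + len` cannot wrap around.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BUF_SIZE 256u

/* Hypothetical buffer that a lower-privileged client asks the privileged
 * host to copy within. Constructed for illustration; not splwow64 code. */
static uint8_t shared_buf[BUF_SIZE];

/* Request shape after a "pointers became offsets" style change.
 * Every field is still chosen by the client. */
typedef struct {
    size_t src_off;
    size_t dst_off;
    size_t len;
} copy_req_t;

/* Returns 1 only if both [off, off + len) ranges lie entirely inside
 * shared_buf. Comparing against BUF_SIZE - len (after checking len)
 * avoids computing off + len, which could wrap around on huge offsets. */
int copy_req_in_bounds(const copy_req_t *req) {
    if (req->len > BUF_SIZE) return 0;
    if (req->src_off > BUF_SIZE - req->len) return 0;
    if (req->dst_off > BUF_SIZE - req->len) return 0;
    return 1;
}

/* The shape the article criticises: offsets instead of pointers, but no
 * validation, so the client still controls memcpy's src and dst.
 * Never called here; kept only to contrast with the checked version. */
int handle_copy_unchecked(const copy_req_t *req) {
    memcpy(shared_buf + req->dst_off, shared_buf + req->src_off, req->len);
    return 0;
}

/* Hardened handler: reject anything out of range before touching memory.
 * memmove is used because client-chosen ranges may overlap. */
int handle_copy_checked(const copy_req_t *req) {
    if (!copy_req_in_bounds(req)) return -1;
    memmove(shared_buf + req->dst_off, shared_buf + req->src_off, req->len);
    return 0;
}

/* Driver for exercising the checked handler: fill shared_buf with its own
 * indices, perform the copy, and return the byte at `probe`, or -1 if the
 * request was rejected. `probe` must be below BUF_SIZE. */
int copy_and_read(size_t src_off, size_t dst_off, size_t len, size_t probe) {
    copy_req_t req = { src_off, dst_off, len };
    for (size_t i = 0; i < BUF_SIZE; i++) shared_buf[i] = (uint8_t)i;
    if (handle_copy_checked(&req) != 0) return -1;
    return shared_buf[probe];
}
```

The point for a reviewer of such a fix is that the data type changed but the trust boundary did not: the check belongs on the value the client controls, whatever its representation, and must be robust to integer wraparound as well as to plain overshoot.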

Microsoft has issued a new CVE, CVE-2020-17008, and researchers expect a patch in January. Project Zero meanwhile has published public proof-of-concept code for the issue.

Some parts of this article are sourced from:
threatpost.com
