Zero Day Bug Bypasses Windows User Account Control

Published: 22/11/2024   Category: security



Local buffer overflow vulnerability tricks Microsoft operating systems into granting an attacker system-level user privileges.



Multiple versions of Microsoft Windows are vulnerable to a previously undisclosed, zero-day buffer-overflow vulnerability that would allow an attacker to gain system-level privileges and take control of the PC.
According to security research firm Vupen, this issue is caused by a buffer overflow error within the win32k.sys driver when processing certain registry values stored as reg_binary, which could allow unprivileged users to crash an affected system or execute arbitrary code with kernel (system) privileges, by modifying registry values related to end-user-defined characters (EUDC) for fonts.
According to security researcher Chester Wisniewski at Sophos, an attacker can use the EUDC-related key to impersonate the system account, which has nearly unlimited access to all components of the Windows system.
Details of the vulnerability, together with proof-of-concept code, have been publicly disclosed, meaning it's only a matter of time before actual exploits appear. Microsoft has acknowledged the vulnerability, but noted that an attacker would need local access to exploit it.
Vupen rates the vulnerability as being of moderate risk, and said it confirmed the bug exists in Windows 7, Windows Server 2008 SP2, and Windows Vista SP2. While it also affects Windows XP and Windows 2003, executing the attack on those operating systems would be relatively difficult.
The security firm Prevx, which originally brought the flaw to light, said that one of the biggest security risks is that the bug allows attackers to bypass User Account Control (UAC) safeguards and take full control of the system. Microsoft added UAC to Windows Vista and 7 specifically to prevent these types of privilege-escalation attacks.
While no patch is yet available, Sophos' Wisniewski supplied a somewhat complicated workaround. It uses Regedit to alter a registry value related to EUDCs for fonts, preventing an attacker from being able to exploit the bug. The fix may, however, break multilingual Windows installations.
