Computersnyou

Microsoft Fixed Bug In Windows Kernel Mode Driver

Posted on  2/11/2015
source : http://breakingmalware.com/
source : http://breakingmalware.com/
source : http://breakingmalware.com/
Microsoft Released critical windows update [MS15-010](https://support.microsoft.com/kb/3036220) to fix critical Vulnerabilities in Windows Kernel-Mode Driver [CVE-2015-0057] that could allow internal attacker to escalate privileges or Remote Code Execution as Microsoft kb explains about this flaw in [this post](https://technet.microsoft.com/library/security/MS15-010) , according to [security researcher](http://breakingmalware.com/vulnerabilities/one-bit-rule-bypassing-windows-10-protections-using-single-bit/) (who discovered and disclosed to Microsoft ) , almost all supported Windows desktop versions, including Windows 10 Technical Preview are vulnerable .

According to researchers post , the vulnerability exists in Microsoft Windows Kernel, in the Win32k.sys module , with local access an attacker can exploit this privilege acceleration vulnerability to gain windows administrators privileges , as shown by in PoC video by researcher .

https://technet.microsoft.com/library/security/MS15-010

An elevation of privilege vulnerability exists in the Windows kernel-mode driver (Win32k.sys) that is caused when it improperly handles objects in memory. An attacker who successfully exploited this vulnerability could gain elevated privileges and read arbitrary amounts of kernel memory. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

Download and update your windows desktops to prevent , losing access to your admins privileges , all patches are available through windows update .

Useful Link


  • Home
  • About