It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
Newly discovered Windows kernel flaw bypasses UAC Newly discovered Windows kernel flaw bypasses UAC
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read


Newly discovered Windows kernel flaw bypasses UAC
Reply
 
Thread Tools
Old 30th November 2010, 18:33   #1
Madshrimp
 
jmke's Avatar
 
Join Date: May 2002
Location: 7090/Belgium
Posts: 78,756
jmke has disabled reputation
Default Newly discovered Windows kernel flaw bypasses UAC

Last week an exploit for a Windows kernel flaw was published by an unknown source. Presumably as a joke, details of the flaw, along with proof-of-concept code, were published on Code Project. Code Project is a programmer peer support community, containing many tutorials and useful snippets of code to assist developers. Malware developers are not the usual target audience for posts made to the site, and so perhaps unsurprisingly, the article has been removed.

The flaw is a privilege escalation vulnerability. Anyone who can run code on a Windows system can elevate her privileges to the highest level, and accordingly install back doors, compromise sensitive data, and so on. The flaw lies in a critical Windows driver called win32k.sys. The driver inappropriately handles certain data stored in the registry—data that is stored on a per-user basis, and hence accessible to any unprivileged program. The proof-of-concept code uses this flaw to elevate the privileges of the user running the demo code; it could just as well be used to install a back door or other malware.

http://arstechnica.com/microsoft/new...campaign =rss
__________________
jmke is offline   Reply With Quote
Reply


Similar Threads
Thread Thread Starter Forum Replies Last Post
Microsoft warns of TLS/SSL flaw in Windows jmke WebNews 0 10th February 2010 14:28
175 Windows 7 Tweaks, Tips, and How-To Articles jmke WebNews 2 23rd October 2009 15:00
Microsoft Patch Tuesday: 5 Criticals, 2 Important, 1 Moderate Patch jmke WebNews 0 14th April 2009 19:47
Microsoft Security Bulletin Summary for September 2008 jmke WebNews 0 9th September 2008 20:20
Windows 7 Won't Have Compact "MinWin" Kernel jmke WebNews 0 28th May 2008 16:31
Microsoft Security Bulletin Summary for August 2007 jmke WebNews 0 14th August 2007 23:21
IE flaw puts Windows XP SP2 at risk Sidney WebNews 3 6th February 2007 18:25
Windows Firewall flaw may hide open ports Sidney WebNews 0 2nd September 2005 06:55
Windows flaw reaches beyond XP Sidney WebNews 0 19th July 2005 01:05
List of fixes included in Windows XP Service Pack 2 jmke WebNews 1 17th August 2004 16:03

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


All times are GMT +1. The time now is 01:13.


Powered by vBulletin® - Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO