Newly discovered Windows kernel flaw bypasses UAC

jmke · 30th November 2010, 17:33

Last week an exploit for a Windows kernel flaw was published by an unknown source. Presumably as a joke, details of the flaw, along with proof-of-concept code, were published on Code Project. Code Project is a programmer peer support community, containing many tutorials and useful snippets of code to assist developers. Malware developers are not the usual target audience for posts made to the site, and so perhaps unsurprisingly, the article has been removed.

The flaw is a privilege escalation vulnerability. Anyone who can run code on a Windows system can elevate her privileges to the highest level, and accordingly install back doors, compromise sensitive data, and so on. The flaw lies in a critical Windows driver called win32k.sys. The driver inappropriately handles certain data stored in the registry—data that is stored on a per-user basis, and hence accessible to any unprivileged program. The proof-of-concept code uses this flaw to elevate the privileges of the user running the demo code; it could just as well be used to install a back door or other malware.

http://arstechnica.com/microsoft/new...campaign =rss

30th November 2010, 17:33	#1
jmke Madshrimp Join Date: May 2002 Location: 7090/Belgium Posts: 79,021	Newly discovered Windows kernel flaw bypasses UAC Last week an exploit for a Windows kernel flaw was published by an unknown source. Presumably as a joke, details of the flaw, along with proof-of-concept code, were published on Code Project. Code Project is a programmer peer support community, containing many tutorials and useful snippets of code to assist developers. Malware developers are not the usual target audience for posts made to the site, and so perhaps unsurprisingly, the article has been removed. The flaw is a privilege escalation vulnerability. Anyone who can run code on a Windows system can elevate her privileges to the highest level, and accordingly install back doors, compromise sensitive data, and so on. The flaw lies in a critical Windows driver called win32k.sys. The driver inappropriately handles certain data stored in the registry—data that is stored on a per-user basis, and hence accessible to any unprivileged program. The proof-of-concept code uses this flaw to elevate the privileges of the user running the demo code; it could just as well be used to install a back door or other malware. http://arstechnica.com/microsoft/new...campaign =rss __________________

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Microsoft warns of TLS/SSL flaw in Windows	jmke	WebNews	0	10th February 2010 13:28
175 Windows 7 Tweaks, Tips, and How-To Articles	jmke	WebNews	2	23rd October 2009 14:00
Microsoft Patch Tuesday: 5 Criticals, 2 Important, 1 Moderate Patch	jmke	WebNews	0	14th April 2009 18:47
Microsoft Security Bulletin Summary for September 2008	jmke	WebNews	0	9th September 2008 19:20
Windows 7 Won't Have Compact "MinWin" Kernel	jmke	WebNews	0	28th May 2008 15:31
Microsoft Security Bulletin Summary for August 2007	jmke	WebNews	0	14th August 2007 22:21
IE flaw puts Windows XP SP2 at risk	Sidney	WebNews	3	6th February 2007 17:25
Windows Firewall flaw may hide open ports	Sidney	WebNews	0	2nd September 2005 05:55
Windows flaw reaches beyond XP	Sidney	WebNews	0	19th July 2005 00:05
List of fixes included in Windows XP Service Pack 2	jmke	WebNews	1	17th August 2004 15:03