Her researchers ESET πρόσφατα ανακάλυψαν και ανέλυσαν ένα exploit for a technique attacks “0day” in a highly targeted attack in Eastern Europe.
The exploit was based on the use of a Local Privilege Escalation (LPE) vulnerability in the functional system of Microsoft Windows. ESET immediately reported the issue to Microsoft's Security Response Center, which in turn patched the vulnerability and issued a patch.
Only some limited versions of Windows are affected by this exploit, as in Windows 8 and in later versions, a user process can not connect to a NULL page, a parameter that is required to initiate and succeed the attack.
This vulnerability of Windows Win32k.sys, like the others, uses the popup menu.
“For example, in the LPE attack by exploiting the Sednit team that we analyzed 2017 menu items and exploitation techniques were used, much like the current exploit, ”explains ESET researcher Anton Cherepanov, who discovered the recent vulnerability.
The vulnerability (CVE-2019-1132) affects the following operating systems: Windows 7 Service Pack 1 for systems 32-bit, Windows 7 Service Pack 1 for x64-based systems, Windows Server 2008 Service Pack 2 for 32-bit systems, Windows Server 2008 Service Pack 2 for Itanium-based systems, Windows Server 2008 Service Pack 2 for x64-based systems, Windows Server 2008 R2 Service Pack 1 for Itanium-based systems, and Windows Server 2008 R2 Service Pack 1 for x64 edition systems.
Windows XP and Windows Server 2003 are also affected, but these versions are not supported by Microsoft.
"Users who are still using Windows 7 Service Pack 1 should consider upgrading to new operating systems as extended support for Windows 7 Service Pack 1 is due to expire on January 14. This means that Windows 2020 users will not receive critical security updates, ”adds Cherepanov.
More technical details about the "0day" exploit can be found in the article The CVE-2019-1132 vulnerability used in targeted attack at WeLiveSecurity.com.
_________________
- ICS Forth more about the hack of Greek domains gr & el
- How to Make Your Own Rescue Disk With Windows PE
- LanguageTool free grammar and spell check