New PoC forces Microsoft to wake up: Microsoft seems to be trying to develop a patch that fixes Windows bugs that have been infecting the operating system for more than two decades.
Israeli security researcher Gil Dabah said he had published a proof-of-concept and a report describing 25 bugs. PoC presents an exploit in variants for the same type of vulnerability found in Win32k.
The Dabah project presents attacks on the Windows operating system that have been known since the mid-90s. Vulnerabilities affect Win32k, a Windows component that manages the user interface in Windows 32-bit architectures, and the interactions between the UI components, drivers, and Kernel of the Windows operating system.
Today, Win32k is still present in Windows, even in 64-bit versions, and acts as a layer that allows older applications to run on the modern system.
So fixing Win32k is quite a difficult task. Some functions occur entirely in the kernel space, while others use older parts of the code.
For more than a decade, security researchers have been detailing many techniques for inserting malicious code into Win32k, which helps them gain administrator privileges.
Today, however, even after Microsoft's inaction, the Israeli researcher published a 34-page report that describes many methods for attacking through the element Win32k.
The researcher found 25 different bugs, some of which work even in the latest versions of Windows 10.
Dabah said, however, that Microsoft is currently developing a "bug fix to solve this category of problems once and for all." The fix is currently in the WIP (Windows Insider Preview) version, according to Dabah.
Once this mitigation comes alive, Dabah hopes to link all the other bugs to the same vulnerability, even those that have not yet been discovered or documented.