Windows PoC for 13 twenty-year-old bugs

New PoC forces Microsoft to wake up: Microsoft appears to be developing a patch that fixes Windows bugs that have been used to infect systems for more than two decades.

Israeli security researcher Gil Dabah said he had published a proof-of-concept and a report describing 25 bugs. The PoC presents exploit variants for the same type of vulnerability found in Win32k.

PoC

Dabah's project presents attacks on the Windows operating system that have been known since the mid-90s. They affect Win32k, a Windows component that manages the user interface on 32-bit Windows architectures and the interactions between UI components, drivers, and the kernel of the Windows operating system.

Today, Win32k is still present in Windows, even in 64-bit versions, and acts as a layer that allows older applications to run on the modern system.

So fixing Win32k is quite a difficult task. Some operations occur entirely in kernel space, while others use older parts of it.

For more than a decade, a great many techniques have been reported in detail for inserting malicious code inside the Win32k component, which helps attackers gain administrative privileges.
Today, however, even after Microsoft's inaction, the Israeli researcher published a 34-page report that describes many methods for attacking through the Win32k component.

The researcher found 25 different bugs, some of which work even in the latest versions of Windows 10.

But Dabah said that Microsoft is currently developing a "bug fix to solve this class of problems once and for all." The fix is currently in WIP (Windows Preview), according to Dabah.

Once this mitigation goes live, Dabah hopes to link all the other bugs to the same vulnerability, even those that have not yet been discovered or documented.

Read the researcher's report (PDF) and download the PoC for 13 of the 25 bugs from GitHub.

Written by giorgos
