Zero-day bug in Windows 7 and Windows Server 2008

A local privilege escalation (LPE) vulnerability that affects all devices 7 and Server 2008 R2 was fixed today via platform 0patch.

The zero-day affects all devices affected by Extended (ESU) by Microsoft.

 

At present, only small and medium-sized enterprises or organizations with licensing agreements can obtain an ESU license until January 2023.

The LPE vulnerability originates from the misconfiguration of two keys y service and allows local attackers to elevate their privileges on any fully updated Windows 7 and Server 2008 R2 system.

It was discovered by security researcher Clément Labro, who he published his research earlier this month, stating how insecure rights in registry keys

HKLM \ SYSTEM \ CurrentControlSet \ Services \ Dnscache and HKLM \ SYSTEM \ CurrentControlSet \ Services \ RpcEptMapper

allow intruders to defraud the RPC Endpoint Mapper service to load malicious DLLs.

This allows them to obtain arbitrary code execution within the service Windows Management Instrumentation (WMI) executed with rights LOCAL SYSTEM.

"In short, a local user who is not an administrator on the computer generates a subkey, completes it with certain values, and enables performance monitoring, which drives a local system process (WmiPrvSE.exe) to load into the intruder DLL and run code from it, ”says Mitja Kolsek.

Free update for all affected Windows systems

0patch updates are sent through the 0patch platform to Windows clients for real-time security fixes and are applied to current processes without requiring a system reboot.

This micropatch is available to everyone for free until Microsoft releases a formal bug fix and troubleshooting bad registry license.

The micropatch "sabotages the performance monitoring features for the two affected services, Dnsclient and RpcEptMapper," says 0patch.

Below is a video showing how to block it :

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.081 registrants.

0dayWindows 7zero-day

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).