homepage Welcome to WebmasterWorld Guest from 54.237.38.30
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Microsoft / Microsoft Corporate
Forum Library, Charter, Moderators: bill

Microsoft Corporate Forum

    
Win32k.sys Zero Day Flaw A Potential 'nightmare'
engine

WebmasterWorld Administrator engine us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



 
Msg#: 4234996 posted 6:46 pm on Nov 25, 2010 (gmt 0)

Win32k.sys Zero Day Flaw [pcpro.co.uk]

A new zero-day flaw has hit Windows, and it seems capable of slipping past user account controls, security researchers have said.

"This is a serious flaw because it resides in win32k.sys, the kernel mode part of the Windows subsystem," said malware technology specialist Marco Giuliani on the Prevx blog. "It is a privilege escalation exploit which allows even limited user accounts to execute arbitrary code in kernel mode."

Giuliani warned that 32 and 64 bit versions of Windows XP, Vista and 7 were vulnerable. "Being a privilege escalation exploit, it bypasses by design even the protection given by the User Account Control and Limited User Account technology implemented in Windows Vista and Windows 7," he said.

 

bill

WebmasterWorld Administrator bill us a WebmasterWorld Top Contributor of All Time 10+ Year Member Best Post Of The Month



 
Msg#: 4234996 posted 5:16 am on Nov 26, 2010 (gmt 0)

This flaw gets around the UAC and allows the attacker to impersonate the system account. However, it still appears that you'd need to introduce code to exploit this. They would need to send you a file of some sort and AV software should eventually be able to pick this stuff up. It's still a pretty spooky flaw.

frontpage

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4234996 posted 2:12 pm on Nov 26, 2010 (gmt 0)

Update: Sophos detects the proof of concept as Troj/EUDPoC-A.

More information on protection of Windows systems.

[nakedsecurity.sophos.com...]

Sgt_Kickaxe

WebmasterWorld Senior Member sgt_kickaxe us a WebmasterWorld Top Contributor of All Time



 
Msg#: 4234996 posted 12:18 am on Nov 27, 2010 (gmt 0)

Another day, another security issue involving outdated systems. Perhaps I should stop using IE6 on my laptop too?

cmnetworx



 
Msg#: 4234996 posted 6:01 am on Nov 27, 2010 (gmt 0)

Sometimes I wish they would force updates on pcs that are using dated browsers.

I wouldn't have ie6 anymore if I didn't think I still needed make some sites compatible for it.. I hate that browser.

Sgt_Kickaxe

WebmasterWorld Senior Member sgt_kickaxe us a WebmasterWorld Top Contributor of All Time



 
Msg#: 4234996 posted 7:27 am on Nov 27, 2010 (gmt 0)

Sometimes I wish they would force updates on pcs that are using dated browsers.


but... but... IE6 is so inaccessible to big brother! ;-)

cmnetworx



 
Msg#: 4234996 posted 7:44 am on Nov 27, 2010 (gmt 0)

lmao

So secure too! and its html rendering is untouchable!

badbadmonkey

5+ Year Member



 
Msg#: 4234996 posted 11:28 am on Nov 30, 2010 (gmt 0)

I wouldn't have ie6 anymore if I didn't think I still needed make some sites compatible for it.. I hate that browser.

Why do people think they need to keep it?

Use IETester...

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Microsoft / Microsoft Corporate
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved