
Forum Moderators: bill


Win32k.sys Zero Day Flaw A Potential 'nightmare'

   
6:46 pm on Nov 25, 2010 (gmt 0)

engine (WebmasterWorld Administrator)



Win32k.sys Zero Day Flaw [pcpro.co.uk]

A new zero-day flaw has hit Windows, and it seems capable of slipping past user account controls, security researchers have said.

"This is a serious flaw because it resides in win32k.sys, the kernel mode part of the Windows subsystem," said malware technology specialist Marco Giuliani on the Prevx blog. "It is a privilege escalation exploit which allows even limited user accounts to execute arbitrary code in kernel mode."

Giuliani warned that 32 and 64 bit versions of Windows XP, Vista and 7 were vulnerable. "Being a privilege escalation exploit, it bypasses by design even the protection given by the User Account Control and Limited User Account technology implemented in Windows Vista and Windows 7," he said.
5:16 am on Nov 26, 2010 (gmt 0)

bill (WebmasterWorld Administrator)



This flaw gets around the UAC and allows the attacker to impersonate the system account. However, it still appears that you'd need to introduce code to exploit this. They would need to send you a file of some sort and AV software should eventually be able to pick this stuff up. It's still a pretty spooky flaw.
2:12 pm on Nov 26, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Update: Sophos detects the proof of concept as Troj/EUDPoC-A.

More information on protection of Windows systems.

[nakedsecurity.sophos.com...]
12:18 am on Nov 27, 2010 (gmt 0)

sgt_kickaxe (WebmasterWorld Senior Member)



Another day, another security issue involving outdated systems. Perhaps I should stop using IE6 on my laptop too?
6:01 am on Nov 27, 2010 (gmt 0)



Sometimes I wish they would force updates on PCs that are using dated browsers.

I wouldn't have IE6 anymore if I didn't think I still needed to make some sites compatible for it... I hate that browser.
7:27 am on Nov 27, 2010 (gmt 0)

sgt_kickaxe (WebmasterWorld Senior Member)



> Sometimes I wish they would force updates on PCs that are using dated browsers.


but... but... IE6 is so inaccessible to big brother! ;-)
7:44 am on Nov 27, 2010 (gmt 0)



lmao

So secure too! and its html rendering is untouchable!
11:28 am on Nov 30, 2010 (gmt 0)

5+ Year Member



> I wouldn't have IE6 anymore if I didn't think I still needed to make some sites compatible for it... I hate that browser.

Why do people think they need to keep it?

Use IETester...