
Forum Moderators: bill

Win32k.sys Zero Day Flaw A Potential 'nightmare'

     
6:46 pm on Nov 25, 2010 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:22302
votes: 238


Win32k.sys Zero Day Flaw [pcpro.co.uk]

A new zero-day flaw has hit Windows, and it seems capable of slipping past user account controls, security researchers have said.

"This is a serious flaw because it resides in win32k.sys, the kernel mode part of the Windows subsystem," said malware technology specialist Marco Giuliani on the Prevx blog. "It is a privilege escalation exploit which allows even limited user accounts to execute arbitrary code in kernel mode."

Giuliani warned that 32 and 64 bit versions of Windows XP, Vista and 7 were vulnerable. "Being a privilege escalation exploit, it bypasses by design even the protection given by the User Account Control and Limited User Account technology implemented in Windows Vista and Windows 7," he said.
5:16 am on Nov 26, 2010 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:Oct 12, 2000
posts:14480
votes: 49


This flaw gets around the UAC and allows the attacker to impersonate the system account. However, it still appears that you'd need to introduce code to exploit this. They would need to send you a file of some sort and AV software should eventually be able to pick this stuff up. It's still a pretty spooky flaw.
2:12 pm on Nov 26, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 23, 2002
posts:659
votes: 0


Update: Sophos detects the proof of concept as Troj/EUDPoC-A.

More information on protection of Windows systems.

[nakedsecurity.sophos.com...]
12:18 am on Nov 27, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member sgt_kickaxe is a WebmasterWorld Top Contributor of All Time 5+ Year Member

joined:Apr 14, 2010
posts:3169
votes: 0


Another day, another security issue involving outdated systems. Perhaps I should stop using IE6 on my laptop too?
6:01 am on Nov 27, 2010 (gmt 0)

New User

5+ Year Member

joined:Nov 25, 2010
posts: 22
votes: 0


Sometimes I wish they would force updates on PCs that are using dated browsers.

I wouldn't have IE6 anymore if I didn't think I still needed to make some sites compatible with it. I hate that browser.
7:27 am on Nov 27, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member sgt_kickaxe is a WebmasterWorld Top Contributor of All Time 5+ Year Member

joined:Apr 14, 2010
posts:3169
votes: 0


Sometimes I wish they would force updates on PCs that are using dated browsers.


but... but... IE6 is so inaccessible to big brother! ;-)
7:44 am on Nov 27, 2010 (gmt 0)

New User

5+ Year Member

joined:Nov 25, 2010
posts:22
votes: 0


lmao

So secure too! And its HTML rendering is untouchable!
11:28 am on Nov 30, 2010 (gmt 0)

Full Member

5+ Year Member

joined:Oct 9, 2007
posts: 295
votes: 0


I wouldn't have IE6 anymore if I didn't think I still needed to make some sites compatible with it. I hate that browser.

Why do people think they need to keep it?

Use IETester...