A new zero-day flaw has hit Windows, and it seems capable of slipping past user account controls, security researchers have said.
"This is a serious flaw because it resides in win32k.sys, the kernel mode part of the Windows subsystem," said malware technology specialist Marco Giuliani on the Prevx blog. "It is a privilege escalation exploit which allows even limited user accounts to execute arbitrary code in kernel mode."
Giuliani warned that 32- and 64-bit versions of Windows XP, Vista and 7 were vulnerable. "Being a privilege escalation exploit, it bypasses by design even the protection given by the User Account Control and Limited User Account technology implemented in Windows Vista and Windows 7," he said.
5:16 am on Nov 26, 2010 (gmt 0)
This flaw gets around the UAC and allows the attacker to impersonate the system account. However, it still appears that you'd need to introduce code to exploit this. They would need to send you a file of some sort and AV software should eventually be able to pick this stuff up. It's still a pretty spooky flaw.
2:12 pm on Nov 26, 2010 (gmt 0)
Update: Sophos detects the proof of concept as Troj/EUDPoC-A.
More information on protection of Windows systems.