Security News > 2020 > April > Microsoft Will Not Patch Security Bypass Flaw Abusing MSTSC
A DLL side-loading vulnerability related to the Microsoft Terminal Services Client can be exploited to bypass security controls, but Microsoft says it will not be releasing a patch due to exploitation requiring elevated privileges.
This allows an attacker who can replace the legitimate DLL to bypass security controls such as AppLocker, which is designed to help users control which apps and files can be run.
"The attacker attempts to execute the malicious shell, and security controls block the attempt," the company explained.
"The attacker copies mstsc.exe to an insecure directory, and places the malicious shell in place of mstscax.dll, and executes mstsc.exe. Due to mstsc.exe being a system binary, digitally signed by Microsoft, it is considered a trusted process by security controls. Mstsc.exe loads the malicious shell. At this point, malicious code is running under the context of mstsc.exe, efficiently bypassing security controls."
The company told SecurityWeek that, depending on the malicious code being executed, an attacker could potentially exploit the flaw to elevate privileges.
News URL
Related news
- North Korean hackers create Flutter apps to bypass macOS security (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft slips Task Manager and processor count fixes into Patch Tuesday (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Microsoft announces new and improved Windows 11 security features (source)
- Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity (source)