Security News > 2020 > December > Windows zero-day with bad patch gets new public exploit code
Back in June, Microsoft released a fix for a vulnerability in the Windows operating system that enabled attackers to increase their permissions to kernel level on a compromised machine.
Google Project Zero security researcher Maddie Stone discovered that Microsoft's patch in June did not fix the original vulnerability and it can still be leveraged with some adjustments.
The vulnerable memcpy is in message 0x6D. To show that exploitation is still possible after Microsoft's patch, Stone published proof-of-concept code adapted from the original one from Kaspersky, along with instructions on how to run it properly.
The company planned a patch for November 2020, but problems identified during the testing stage pushed the release to the next Patch Tuesday, on January 12, 2021.
As Microsoft informed that a patch would not be available before January 6, neither of the two deadlines could be met.
News URL
Related news
- RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks (source)
- New Windows zero-day exposes NTLM credentials, gets unofficial patch (source)
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
- New Windows Server 2012 zero-day gets free, unofficial patches (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- Microsoft says premature patch could make Windows Recall forget how to work (source)
- Mitel MiCollab zero-day flaw gets proof-of-concept exploit (source)
- Mitel MiCollab zero-day and PoC exploit unveiled (source)
- Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws (source)