Security News > 2020 > December > Windows zero-day with bad patch gets new public exploit code
Back in June, Microsoft released a fix for a vulnerability in the Windows operating system that enabled attackers to increase their permissions to kernel level on a compromised machine.
Google Project Zero security researcher Maddie Stone discovered that Microsoft's patch in June did not fix the original vulnerability and it can still be leveraged with some adjustments.
The vulnerable memcpy is in message 0x6D. To show that exploitation is still possible after Microsoft's patch, Stone published proof-of-concept code adapted from the original one from Kaspersky, along with instructions on how to run it properly.
The company planned a patch for November 2020, but problems identified during the testing stage pushed the release to the next Patch Tuesday, on January 12, 2021.
As Microsoft informed that a patch would not be available before January 6, neither of the two deadlines could be met.
News URL
Related news
- APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) (source)
- New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- ⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists (source)