Security News > 2020 > December > Windows zero-day with bad patch gets new public exploit code
Back in June, Microsoft released a fix for a vulnerability in the Windows operating system that enabled attackers to increase their permissions to kernel level on a compromised machine.
Google Project Zero security researcher Maddie Stone discovered that Microsoft's patch in June did not fix the original vulnerability and it can still be leveraged with some adjustments.
The vulnerable memcpy is in message 0x6D. To show that exploitation is still possible after Microsoft's patch, Stone published proof-of-concept code adapted from the original one from Kaspersky, along with instructions on how to run it properly.
The company planned a patch for November 2020, but problems identified during the testing stage pushed the release to the next Patch Tuesday, on January 12, 2021.
As Microsoft informed that a patch would not be available before January 6, neither of the two deadlines could be met.
News URL
Related news
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks (source)
- Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf (source)
- Iranian hackers now exploit Windows flaw to elevate privileges (source)
- Exploit released for new Windows Server "WinReg" NTLM Relay attack (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch (source)