Security News > 2023 > June > PoC released for Windows Win32k bug exploited in attacks

PoC released for Windows Win32k bug exploited in attacks
2023-06-08 20:51

Researchers have released a proof-of-concept exploit for an actively exploited Windows local privilege escalation vulnerability fixed as part of the May 2023 Patch Tuesday.

To raise awareness about the actively exploited flaw, and the need to apply Windows security updates, CISA also published an alert and added it to its "Known Exploited Vulnerabilities" catalog.

Exactly a month after the patch became available, security analysts at Web3 cybersecurity firm Numen have now released full technical details on the CVE-2023-29336 flaw and a PoC exploit for Windows Server 2016.

While the vulnerability is actively exploited, Microsoft says it only affects older versions of Windows, including older Windows 10 versions, Windows Server, and Windows 8, and does not affect Windows 11.

By analyzing the vulnerability on Windows Server 2016, Numen's researchers found that Win32k only locks the window object but fails to lock the nested menu object.

It is recommended that all Windows users apply the May 2023 patch, which, apart from the particular flaw, fixed two more zero-day vulnerabilities that hackers actively exploited.


News URL

https://www.bleepingcomputer.com/news/security/poc-released-for-windows-win32k-bug-exploited-in-attacks/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-05-09 CVE-2023-29336 Use After Free vulnerability in Microsoft products
Win32k Elevation of Privilege Vulnerability
0.0