A new exploit has emerged for an old Windows 10 bug after botched patch
The original Windows 10 vulnerability was exploited as a zero-day in the summer
Researchers have identified a new exploit for a Windows 10 vulnerability identified in May that allowed hackers to escalate their privileges on a target machine.
After the bug came to light, Microsoft issued a patch that was supposed to rectify the issue, but it appears the update failed to guard against an alternative exploit.
According to Maddie Stone, a researcher at Google Project Zero, the Windows 10 flaw can still be abused, with small adjustments to the attack method.
“The original issue was an arbitrary pointer dereference, which allowed the attacker to control the src and dest pointers to a memcpy,” Stone tweeted.
The Microsoft patch was ineffective, she explains, because it “simply changed the pointers to offsets, which still allows control of the args to the memcpy.”
The main fear, when it comes to partial fixes, is that hackers can use knowledge of the original exploit to develop new zero-days with greater ease.
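To illustrate the class of flaw Stone describes, the following added example (not Microsoft's code and not taken from the affected component) contrasts a copy that takes caller-supplied offsets without validation with one that bounds-checks them first. The struct, function names and buffer size are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical request: the caller supplies offsets into a fixed-size
 * buffer owned by the privileged side, instead of raw pointers. */
struct copy_req {
    size_t src_off;
    size_t dst_off;
    size_t len;
};

/* Returns 1 only if [off, off + len) lies inside buf_size bytes.
 * Two comparisons are used so that off + len can never wrap around. */
int range_ok(size_t off, size_t len, size_t buf_size)
{
    return off <= buf_size && len <= buf_size - off;
}

/* Incomplete fix: offsets replace pointers, but nothing bounds them,
 * so buf + offset is still whatever address the caller chooses. */
void copy_unchecked(uint8_t *buf, const struct copy_req *r)
{
    memcpy(buf + r->dst_off, buf + r->src_off, r->len);
}

/* Hardened form: validate both ranges before touching memory.
 * Returns 0 on success, -1 if the request is rejected. */
int copy_checked(uint8_t *buf, size_t buf_size, const struct copy_req *r)
{
    if (!range_ok(r->src_off, r->len, buf_size) ||
        !range_ok(r->dst_off, r->len, buf_size))
        return -1;
    memmove(buf + r->dst_off, buf + r->src_off, r->len); /* ranges may overlap */
    return 0;
}

int main(void)
{
    uint8_t buf[16] = {1, 2, 3, 4};       /* constructed sample data */
    struct copy_req good = {0, 8, 4};     /* both ranges inside buf */
    struct copy_req bad  = {0, 4096, 4};  /* destination far outside buf */
    printf("good: %d\n", copy_checked(buf, sizeof buf, &good));
    printf("bad:  %d\n", copy_checked(buf, sizeof buf, &bad));
    return 0;
}
```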
Windows 10 security bug
First identified by researchers at security firm Kaspersky, the bug affects a range of Windows operating systems, including various iterations of Windows 10, Windows Server, Windows 7 and Windows 8.
While the overall vulnerability was rated 7.5/10 by the Common Vulnerability Scoring System (CVSS), it was classified as maximum severity specifically in relation to Windows 10 devices.
Chained with a second flaw present in Internet Explorer 11, the Windows bug was abused by hackers to run malicious code on affected devices that allowed them to escalate their privileges to kernel level.
To demonstrate the vulnerability can still be exploited, Stone published proof-of-concept code based on material made available by Kaspersky with the original disclosure.
Microsoft was alerted to the alternative exploit in mid-September and has acknowledged the issue. The firm intended to roll out a second patch in November, but further complications mean the fix has been postponed until January.
Owners of affected devices will need to wait for the patch to drop in the new year.
Via Bleeping Computer
Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He’s responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.