Windows: Local Privilege Escalation 0-day

0  comments

A new 0-day was released on the 24th attacking most versions of Windows (XP, Vista, 7, 2008). The exploit is a privilege escalation attack that allows a malicious user to gain kernel level privileges with a normal user account.  The attack targets vulnerable code in win32k.sys.

By itself, this exploit is not dangerous as it can only escalate privileges on a local machine, however if paired with another virus it can gain be used to gain kernel level privileges and compromise an entire system.  Currently, this exploit has not been seen in the wild, although it would be simple to implement by an attacker.

External References:

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

You may also like:

Dedicated Vs. Non-Dedicated HIPAA Security Officer
What is a Dedicated and Non-Dedicated HIPAA Security Officer?
What are the primary responsibilities of a HIPAA Security Officer?
What is a HIPAA Security Officer?

Subscribe now to get the latest updates!

>