Micropatches for Windows Local Session Manager Elevation of Privilege (CVE-2023-21771) | allinfosecnews.com

April 4, 2024, 1:45 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

In December of 2022, Ben Barnea of Akamai posted an X thread about a bug they had found in Windows Local Service Manager (LSM) that can lead to local privilege escalation from regular user account to Local System. Ben discovered that code in LSM was missing a return value check after a call is made to RpcImpersonateClient to impersonate the caller: a failed impersonation attempt would therefore keep the code running as Local System.

After trying out several ideas to …

account akamai ben bug can check code cve december elevation of privilege escalation found local local privilege escalation manager missing privilege privilege escalation regular return service session system value windows

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Wireshark 4.2.5 Released, (Sat, May 18th) 14 hours ago | malware.news

article bugs center cve +13

The who, where, and how of APT attacks – Week in security with Tony Anscombe 1 day, 1 hour ago | malware.news

apt article attacks campaigns +11

Leveling the cybersecurity playing field 1 day, 6 hours ago | malware.news

article blumira cybersecurity entry +4

Hardware cybersecurity leader, Flexxon, introduces Server Defender 1 day, 6 hours ago | malware.news

advanced article cybersecurity defender +8

Automated pentesting in the cloud 1 day, 6 hours ago | malware.news

article automated challenge cloud +10

How to revamp your cybersecurity in the middle of the chaos 1 day, 6 hours ago | malware.news

article attackers chaos cybersecurity +8

6K-plus AI models may be affected by critical RCE vulnerability 1 day, 7 hours ago | malware.news

ai models article attacks critical +14

Zscaler annual phishing report finds a near 60% increase in phishing attacks in 2023 1 day, 9 hours ago | malware.news

article attacks link media +6

Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387 1 day, 10 hours ago | malware.news

amp article cisa deepfakes +8

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Sr. Staff Firmware Engineer – Networking & Firewall

@ Axiado | Bengaluru, India

View on infosec-jobs.com

Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)

@ SAP | Walldorf, DE, 69190

View on infosec-jobs.com

SAP Security Administrator

@ FARO Technologies | EMEA-Portugal

View on infosec-jobs.com