all InfoSec news
A patched Windows attack surface is still exploitable
Malware Analysis, News and Indicators - Latest topics malware.news
On August 8, 2023, Microsoft finally released a kernel patch for a class of vulnerabilities affecting Microsoft Windows since 2015. The vulnerabilities lead to elevation of privilege (EoP), which allows an account with user rights to gain SYSTEM privileges on a vulnerable host. The root cause of this attack surface, according to a 2015 blog, is the ability of a normal user account to replace the original C:\ drive with a fake one by placing a symlink for the …
account attack attack surface august class elevation of privilege eop host kernel microsoft microsoft windows patch privilege privileges rights root system system privileges vulnerabilities vulnerable windows