all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

A patched Windows attack surface is still exploitable

Add to bookmarks
March 14, 2024, 10:05 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

On August 8, 2023, Microsoft finally released a kernel patch for a class of vulnerabilities affecting Microsoft Windows since 2015. The vulnerabilities lead to elevation of privilege (EoP), which allows an account with user rights to gain SYSTEM privileges on a vulnerable host. The root cause of this attack surface, according to a 2015 blog, is the ability of a normal user account to replace the original C:\ drive with a fake one by placing a symlink for the …

account attack attack surface august class elevation of privilege eop host kernel microsoft microsoft windows patch privilege privileges rights root system system privileges vulnerabilities vulnerable windows

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Verizon’s 2024 Data Breach Investigations Report: 5 key takeaways 56 minutes ago | malware.news
ai threats article breach data +16
Analysis of TargetCompany’s Attacks Against MS-SQL Servers (Mallox, BlueSky Ransomware) an hour ago | malware.news
ahnlab analysis asec attacks +21
4 Easy Ways to Find Free Wi-Fi Anywhere You Go 2 hours ago | malware.news
can challenge coffee easy +10
AI's Offensive & Defensive Impacts 3 hours ago | malware.news
alto blog cybersecurity defensive +11
Cyberattack against United Russia claimed by Ukraine 4 hours ago | malware.news
attack cyberattack distributed initiative +14
US jails former NSA employee for attempting secret sale to Russia 4 hours ago | malware.news
agency article confidential defense +25
Better identity threat detection sought by new Semperis ML-based tool 4 hours ago | malware.news
and response article detection detection and response +27
Red Hat's latest enterprise Linux delivers new features to tackle hybrid-cloud complexity 4 hours ago | malware.news
addition article cloud complexity +13
NASA doesn't know if its spacecraft have adequate cyber defenses, GAO warns 5 hours ago | malware.news
agency article best practices cyber +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Security Engineer II- Full stack Java with React

@ JPMorgan Chase & Co. | Hyderabad, Telangana, India
View on infosec-jobs.com

Cybersecurity SecOps

@ GFT Technologies | Mexico City, MX, 11850
View on infosec-jobs.com

Senior Information Security Advisor

@ Sun Life | Sun Life Toronto One York
View on infosec-jobs.com

Contract Special Security Officer (CSSO) - Top Secret Clearance

@ SpaceX | Hawthorne, CA
View on infosec-jobs.com

Early Career Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com
View more jobs