Micropatches for Windows Local Session Manager Elevation of Privilege (CVE-2023-21771) | allinfosecnews.com

April 4, 2024, 1:45 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

In December of 2022, Ben Barnea of Akamai posted an X thread about a bug they had found in Windows Local Service Manager (LSM) that can lead to local privilege escalation from regular user account to Local System. Ben discovered that code in LSM was missing a return value check after a call is made to RpcImpersonateClient to impersonate the caller: a failed impersonation attempt would therefore keep the code running as Local System.

After trying out several ideas to …

account akamai ben bug can check code cve december elevation of privilege escalation found local local privilege escalation manager missing privilege privilege escalation regular return service session system value windows

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Deepfakes and AI-Driven Disinformation Threaten Polls 2 hours ago | malware.news

access article campaigns deepfakes +13

Malware development trick 38: Hunting RWX - part 2. Target process investigation tricks. Simple C/C++ … 2 hours ago | malware.news

cybersecurity development hackers hello +16

Beyond the Evidence: Leveraging Decision Intelligence to Drive Better Outcomes in Digital Forensics 2 hours ago | malware.news

beyond communications crime decision +18

Graph: Growing number of threats leveraging Microsoft API 2 hours ago | malware.news

api article blogs cloud +12

The Future of Passwordless Authentication in Cybersecurity 3 hours ago | malware.news

actions authentication biometric clicking +15

Vulnerability in CraftBeerPi 4 software 3 hours ago | malware.news

article cert cert polska cve +9

Operation PANDORA shuts down 12 phone fraud call centres 4 hours ago | malware.news

bank call cash customer +16

Security Awareness Service Release on April 29, 2024 5 hours ago | malware.news

april article awareness delivery +12

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps 6 hours ago | malware.news

android android apps application applications +24

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Associate Manager, BPT Infrastructure & Ops (Security Engineer)

@ SC Johnson | PHL - Makati

View on infosec-jobs.com

Cybersecurity Analyst - Project Bound

@ NextEra Energy | Jupiter, FL, US, 33478

View on infosec-jobs.com

Lead Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts

View on infosec-jobs.com

Junior Information Security Coordinator (Internship)

@ Garrison Technology | London, Waterloo, England, United Kingdom

View on infosec-jobs.com

Sr. Security Engineer

@ ScienceLogic | Reston, VA

View on infosec-jobs.com