24.11.2021 22:55:27
|
Microsoft Zero-day Patch Fail Exposes Vulnerability
(RTTNews) - Every Microsoft Windows version is potentially at risk after Microsoft failed to fix a zero-day problem. Researchers believe that while the vulnerability is nominal, the continued testing of this exploit can lead to a wide scaled malware attack.
Nick Biasini, the head of outreach at Cisco Talos, told BleepingComputer, "During our investigation, we looked at recent malware samples and were able to identify several [bad actors] that were already attempting to leverage the exploit. Since the volume is low, this is likely people working with the proof of concept code or testing for future campaigns."
According to experts, the bug takes advantage of Windows Installer to give users SYSTEM privilege, the highest user rights provided by Windows. Once the privilege is obtained, hackers can take over the system by replacing any executable file with an MSI file.
Microsoft allegedly fixed the bug earlier this month. but security researcher Abdelhamid Naceri ran a proof-of-concept code to show that the vulnerability was not fixed. Rather, the new patch allows users to bypass an important policy in the admin install section of Windows.
"This variant was discovered during the analysis of CVE-2021-41379 patch. the bug was not fixed correctly, however, instead of dropping the bypass. I have chosen to actually drop this variant as it is more powerful than the original one," Naceri wrote in his post on GitHub.
The only respite that individual users can have is that this bug is not accessible remotely so malpractioners will need to have access to the computer to hack it.
Nazeri also stated that he did not notify Microsoft immediately as it is also going to fetch him monetary compensation in the bug-bounty program. He believes that if third-party software companies try to find a fix to this, it can break the installer altogether, so it is best if Microsoft updates the patch to solve the problem.
"We are aware of the disclosure and will do what is necessary to keep our customers safe and protected. An attacker using the methods described must already have access and the ability to run code on a target victim's machine," Microsoft told BleepingComputer as it plans to launch another patch to fix the malfunction.
Wenn Sie mehr über das Thema Aktien erfahren wollen, finden Sie in unserem Ratgeber viele interessante Artikel dazu!
Jetzt informieren!
Nachrichten zu Microsoft Corp.mehr Nachrichten
20.12.24 |
Freitagshandel in New York: Dow Jones verliert zum Handelsstart (finanzen.at) | |
20.12.24 |
Why Microsoft needs nuclear energy (Financial Times) | |
19.12.24 |
Microsoft-Aktie schwächer: ChatGPT von Microsoft-Investment OpenAI kann nun auch telefonisch erreicht werden (dpa-AFX) | |
18.12.24 |
Optimismus in New York: Dow Jones am Nachmittag freundlich (finanzen.at) | |
18.12.24 |
Gute Stimmung in New York: Dow Jones-Anleger greifen mittags zu (finanzen.at) | |
18.12.24 |
Microsoft-Aktie sinkt dennoch: UBS sieht weiteres Potenzial und empfiehlt weiterhin 'Buy' (dpa-AFX) | |
18.12.24 |
Optimismus in New York: Dow Jones zum Start des Mittwochshandels in der Gewinnzone (finanzen.at) | |
18.12.24 |
FirstFT: Microsoft buys twice as many Nvidia AI chips as its rivals in 2024 (Financial Times) |
Analysen zu Microsoft Corp.mehr Analysen
18.12.24 | Microsoft Buy | UBS AG | |
12.12.24 | Microsoft Outperform | RBC Capital Markets | |
20.11.24 | Microsoft Buy | Jefferies & Company Inc. | |
20.11.24 | Microsoft Buy | Goldman Sachs Group Inc. | |
20.11.24 | Microsoft Overweight | JP Morgan Chase & Co. |