The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: Windows zero-day vulnerability

Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows

Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows

August 13, 2019Swati Khandelwal
Update — With this month's patch Tuesday updates, Microsoft has finally addressed this vulnerability, tracked as CVE-2019-1162 , by correcting how the Windows operating system handles calls to Advanced Local Procedure Call (ALPC). A Google security researcher has just disclosed details of a 20-year-old unpatched high-severity vulnerability affecting all versions of Microsoft Windows, back from Windows XP to the latest Windows 10. The vulnerability resides in the way MSCTF clients and server communicate with each other, allowing even a low privileged or a sandboxed application to read and write data to a higher privileged application. MSCTF is a module in Text Services Framework (TSF) of the Windows operating system that manages things like input methods, keyboard layouts, text processing, and speech recognition. In a nutshell, when you log in to your Windows machine, it starts a CTF monitor service that works as a central manager to handle communications between all c
Hacker Discloses Second Zero-Day to Bypass Patch for Windows EoP Flaw

Hacker Discloses Second Zero-Day to Bypass Patch for Windows EoP Flaw

June 07, 2019Wang Wei
An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system. SandboxEscaper is known for publicly dropping zero-day exploits for unpatched Windows vulnerabilities. In the past year, the hacker has disclosed over half a dozen zero-day vulnerabilities in Windows OS without actually bothering to make Microsoft aware of the issues first. Just two weeks ago, the hacker disclosed four new Windows exploits , one of which was an exploit that could allow attackers to bypass a patched elevation of privilege vulnerability (CVE-2019-0841) in Windows that existed when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. Now, the hacker claims to have found a new way to bypass Microsoft security patch for the same vulnerability, allowing a specially crafted malicious application to escalate its
Update: Hacker Disclosed 4 New Microsoft Zero-Day Exploits in Last 24 Hours

Update: Hacker Disclosed 4 New Microsoft Zero-Day Exploits in Last 24 Hours

May 23, 2019Mohit Kumar
Less than 24 hours after publicly disclosing an unpatched zero-day vulnerability in Windows 10 , the anonymous hacker going by online alias "SandboxEscaper" has now dropped new exploits for two more unpatched Microsoft zero-day vulnerabilities. The two new zero-day vulnerabilities affect Microsoft's Windows Error Reporting service and Internet Explorer 11. Just yesterday, while releasing a Windows 10 zero-day exploit for a local privilege escalation bug in Task Scheduler utility, SandboxEscaper claimed to have discovered four more zero-day bugs, exploits for two has now been publicly released. AngryPolarBearBug2 Windows Bug One of the latest Microsoft zero-day vulnerabilities resides in the Windows Error Reporting service that can be exploited using a discretionary access control list (DACL) operation—a mechanism that identifies users and groups that are assigned or denied access permissions to a securable object. Upon successful exploitation, an attacker can del
Hacker Discloses New Unpatched Windows Zero-Day Exploit On Twitter

Hacker Discloses New Unpatched Windows Zero-Day Exploit On Twitter

December 20, 2018Swati Khandelwal
A security researcher with Twitter alias SandboxEscaper today released proof-of-concept (PoC) exploit for a new zero-day vulnerability affecting Microsoft's Windows operating system. SandboxEscaper is the same researcher who previously publicly dropped exploits for two Windows zero-day vulnerabilities, leaving all Windows users vulnerable to the hackers until Microsoft patched them. The newly disclosed unpatched Windows zero-day vulnerability is an arbitrary file read issue that could allow a low-privileged user or a malicious program to read the content of any file on a targeted Windows computer that otherwise would only be possible via administrator-level privileges. The zero-day vulnerability resides in "MsiAdvertiseProduct" function of Windows that’s responsible for generating "an advertise script or advertises a product to the computer and enables the installer to write to a script the registry and shortcut information used to assign or publish a prod
Hacker Discloses New Windows Zero-Day Exploit On Twitter

Hacker Discloses New Windows Zero-Day Exploit On Twitter

October 24, 2018Swati Khandelwal
A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler—has yesterday released another proof-of-concept exploit for a new Windows zero-day vulnerability. SandboxEscaper posted a link to a Github page hosting a proof-of-concept (PoC) exploit for the vulnerability that appears to be a privilege escalation flaw residing in Microsoft Data Sharing (dssvc.dll). The Data Sharing Service is a local service that runs as LocalSystem account with extensive privileges and provides data brokering between applications. The flaw could allow a low-privileged attacker to elevate their privileges on a target system, though the PoC exploit code (deletebug.exe) released by the researcher only allows a low privileged user to delete critical system files—that otherwise would only be possible via admin level privileges. "Not the same bug I posted a while back, this doesn't write garbage to files
Researcher Discloses New Zero-Day Affecting All Versions of Windows

Researcher Discloses New Zero-Day Affecting All Versions of Windows

September 21, 2018Mohit Kumar
A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system (including server editions) after the company failed to patch a responsibly disclosed bug within the 120-days deadline. Discovered by Lucas Leong of the Trend Micro Security Research team, the zero-day vulnerability resides in Microsoft Jet Database Engine that could allow an attacker to remotely execute malicious code on any vulnerable Windows computer. The Microsoft JET Database Engine, or simply JET (Joint Engine Technology), is a database engine integrated within several Microsoft products, including Microsoft Access and Visual Basic. According to the an  advisory  released by Zero Day Initiative (ZDI), the vulnerability is due to a problem with the management of indexes in the Jet database engine that, if exploited successfully, can cause an out-out-bounds memory write, leading to remote code execution. An attacker must convi
Hacker Discloses Unpatched Windows Zero-Day Vulnerability (With PoC)

Hacker Discloses Unpatched Windows Zero-Day Vulnerability (With PoC)

August 28, 2018Swati Khandelwal
A security researcher has publicly disclosed the details of a previously unknown zero-day vulnerability in the Microsoft's Windows operating system that could help a local user or malicious program obtain system privileges on the targeted machine. And guess what? The zero-day flaw has been confirmed working on a "fully-patched 64-bit Windows 10 system." The vulnerability is a privilege escalation issue which resides in the Windows' task scheduler program and occured due to errors in the handling of Advanced Local Procedure Call (ALPC) systems. Advanced local procedure call (ALPC) is an internal mechanism, available only to Windows operating system components, that facilitates high-speed and secure data transfer between one or more processes in the user mode. The revelation of the Windows zero-day came earlier today from a Twitter user with online alias SandboxEscaper, who also posted a link to a Github page hosting a proof-of-concept (PoC) exploit for the
Beware of an Unpatched Microsoft Word 0-Day Flaw being Exploited in the Wild

Beware of an Unpatched Microsoft Word 0-Day Flaw being Exploited in the Wild

April 09, 2017Swati Khandelwal
It's 2017, and opening a simple MS Word file could compromise your system. Security researchers are warning of a new in-the-wild attack that silently installs malware on fully-patched computers by exploiting a serious — and yet unpatched — zero-day vulnerability in all current versions of Microsoft Office. The Microsoft Office zero-day attack, uncovered by researchers from security firms McAfee and FireEye, starts simply with an email that attaches a malicious Word file containing a booby-trapped OLE2link object. When opened, the exploit code gets executed and makes a connection to a remote server controlled by the attacker, from where it downloads a malicious HTML application file (HTA) that's disguised as a document created in Microsoft's RTF (Rich Text Format). The HTA file then gets executed automatically with attackers gaining full code execution on the victim’s machine, downloading additional payloads from "different well-known malware families"
Microsoft Says Russian Hackers Using Unpatched Windows Bug Disclosed by Google

Microsoft Says Russian Hackers Using Unpatched Windows Bug Disclosed by Google

November 02, 2016Swati Khandelwal
Google's Threat Analysis Group publically disclosed on Monday a critical zero-day vulnerability in most versions of Windows just 10 days after privately disclosed both zero days to Microsoft and Adobe. While Adobe rushed an emergency patch for its Flash Player software on October 26, Microsoft had yet to release a fix. Microsoft criticized Google's move, saying that the public disclosure of the vulnerability — which is being exploited in the wild — before the company had time to prepare a fix, puts Windows users at "potential risk." The result? Windows Vista through current versions of Windows 10 is still vulnerable , and now everybody knows about the critical vulnerability. Now, Microsoft said that the company would be releasing a patch for the zero-day flaw on 8th November, as part of its regular round of monthly security updates. Russian Hackers are actively exploiting critical Windows kernel bug Microsoft acknowledged the vulnerability in a blog
Google discloses Critical Windows Zero-Day that makes all Windows Users Vulnerable

Google discloses Critical Windows Zero-Day that makes all Windows Users Vulnerable

November 01, 2016Swati Khandelwal
Google has once again publicly disclosed a zero-day vulnerability in current versions of Windows operating system before Microsoft has a patch ready. Yes, the critical zero-day is unpatched and is being used by attackers in the wild. Google made the public disclosure of the vulnerability just 10 days after privately reporting the issue to Microsoft, giving the chocolate factory little time to patch issues and deploy a fix. According to a blog post by Google's Threat Analysis Group, the reason behind going public is that it has seen exploits for the vulnerability in the wild and according to its internal policy , companies should patch or publicly report such bugs after seven days. Windows Zero-Day is Actively being Exploited in the Wild The zero-day is a local privilege escalation vulnerability that exists in the Windows operating system kernel. If exploited, the flaw can be used to escape the sandbox protection and execute malicious code on the compromised system.
Hackers Selling Unpatched Microsoft Windows Zero-Day Exploit for $90,000

Hackers Selling Unpatched Microsoft Windows Zero-Day Exploit for $90,000

June 03, 2016Swati Khandelwal
How much a Windows zero-day exploit that affects all versions of Windows operating system costs on the black market? It's $95,000, at least, for the one recently spotted by security researchers. Researchers from Trustwave's SpiderLabs team have uncovered a zero-day exploit on Russian underground malware forum exploit.in, affecting all versions of Microsoft Windows OS from Windows 2000 all the way up to a fully patched version of Windows 10. The zero-day exploit for the previously unknown vulnerability in " every version " of Windows is openly sold for $90,000 ( over £62,000 ). The security team originally discovered the zero-day exploit last month when the firm saw its ad on a Russian hacking forum for $95,000. However, the price has now been dropped to $90,000. The zero-day vulnerability in question claims to be a Local Privilege Escalation (LPE) bug in Windows that offers admin access to run malicious code on a victim's PC and is less dangerous th
Microsoft Patches 3 Zero-day Vulnerabilities actively being Exploited in the Wild

Microsoft Patches 3 Zero-day Vulnerabilities actively being Exploited in the Wild

October 15, 2014Swati Khandelwal
As part of monthly patch update, Microsoft released eight security bulletins on Tuesday that address dozens of vulnerabilities including a zero-day flaw reportedly being exploited by Russian hackers to target NATO computers and a pair of zero-day Windows vulnerabilities that attackers have been exploiting to penetrate major corporations' networks. Just a day before yesterday, our team reported you about a Zero-day vulnerability discovered by the cyber intelligence firm iSight Partners affecting all supported versions of Microsoft Windows and is being exploited in a five-year old cyber-espionage campaign against the Ukrainian government and U.S organisations. Researchers at FireEye found two zero-day flaws, used in separate, unrelated attacks involving exploitation of Windows kernel, just a day after iSight partners disclosed zero-day in Windows. The pair of zero-day vulnerabilities could allow an attacker to access a victim's entire system. According to the res
Microsoft Windows Zero-Day Vulnerability "CVE-2014-4114" Used to Hack NATO

Microsoft Windows Zero-Day Vulnerability "CVE-2014-4114" Used to Hack NATO

October 14, 2014Swati Khandelwal
Once again a Russian cyber espionage group has gained media attention by exploiting a Zero-day vulnerability in Microsoft’s Windows operating system to spy on the North Atlantic Treaty Organization ( NATO ), Ukrainian and Polish government agencies, and a variety of sensitive European industries over the last year. ZERO-DAY VULNERABILITY IN MICROSOFT WINDOWS Researchers at cyber intelligence firm iSight Partners have discovered a zero-day vulnerability that impacts desktop and server versions of Windows, from Vista and Server 2008 to current versions. They also uncovered a latest cyber-spying campaign - suspected to be based in Russia - that uses this Zero-day vulnerability ( CVE-2014-4114 ) to target government leaders and institutions for nearly five years. The recently detected Russian hacking group is dubbed as " Sandworm Team " by iSIGHT Partners because it found references to the Frank Herbert's " Dune " science fiction series in the malici
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.