Unknown zero-day vulnerability affects all Windows versions, source code offered for $90,000

Madeleine Dean By: Madeleine Dean
2 minute read

Home » Unknown zero-day vulnerability affects all Windows versions, source code offered for $90,000

Microsoft proudly boasts that both its Windows 10 and Edge browser are the most secure systems in the world. However, we all know there is no such thing as malware-proof software and recently discovered that even Microsoft’s latest OS and its components are vulnerable to threats.

For one, the Windows God Mode hack makes it possible for hackers to command Control Panel options and Settings, using the vulnerability as an access gate for serious malware attacks. Microsoft also warned users about a new macro trick used to activate ransomware. All this while a large swath of user continue to run unsupported Windows XP and IE versions, turning their computers into sitting ducks for hackers.

These are only a few specific examples of vulnerabilities — and the worst is yet to come. According to a recent disclosure, there is a zero-day exploit for all 32 and 64-bit versions of Windows versions. The information was revealed by a well-known user, BuggiCorp, who is also willing to sell the source-code of this exploit for $90,000. The user requests the payment to be done in Bitcoin.

Exploit for local privilege escalation (LPE) for a 0day vulnerability in win32k.sys. The vulnerability exists in the incorrect handling of window objects, which have certain properties, and [the vulnerability] exists in all OS [versions], starting from Windows 2000. [The] exploit is implemented for all OS architectures (x86 and x64), starting from Windows XP, including Windows Server versions, and up to current variants of Windows 10. The vulnerability is of “write-what-where” type, and as such allows one to write a certain value to any address [in memory], which is sufficient for a full exploit. The exploit successfully escapes from ILL/appcontainer (LOW), bypassing (more precisely: doesn’t get affected at all [by]) all existing protection mechanisms such as ASLR, DEP, SMEP, etc.

This vulnerability is extremely dangerous since it allegedly lets hackers elevate the privileges of any software process to the system level. It would be interesting to see who buys the code as anyone, from Microsoft to hackers, could do so. For the time being, there is no certainty about whether the exploit is authentic or not. Microsoft is already aware of the existence of this code, but has yet to issue any comments.

RELATED STORIES YOU NEED TO CHECK OUT:

Discussions

Next up

How to fix Unable to open serial port error message

Milan Stanojevic avatar. By: Milan Stanojevic
5 minute read

A serial port can be useful, but some users reported Unable to open serial port message on their PC. This can be a big problem, […]

Continue Reading

How to fix Operation on the printer is required error

Milan Stanojevic avatar. By: Milan Stanojevic
6 minute read

Most of us print documents frequently, but sometimes Operation on the printer is required message can appear and prevent you from printing. This can be […]

Continue Reading

How to fix Nvidia GFE “Something went wrong…” error

Aleksandar Ognjanovic By: Aleksandar Ognjanovic
4 minute read

The GeForce Experience client by Nvidia is all-in-one suite covering everything from the in-game screenshots,  live streams, and graphics optimization. Quite a valuable asset for […]

Continue Reading