Unknown zero-day vulnerability affects all Windows versions, source code offered for $90,000

2 minute read

Home » News » Unknown zero-day vulnerability affects all Windows versions, source code offered for $90,000

Microsoft proudly boasts that both its Windows 10 and Edge browser are the most secure systems in the world. However, we all know there is no such thing as malware-proof software and recently discovered that even Microsoft’s latest OS and its components are vulnerable to threats.

For one, the Windows God Mode hack makes it possible for hackers to command Control Panel options and Settings, using the vulnerability as an access gate for serious malware attacks. Microsoft also warned users about a new macro trick used to activate ransomware. All this while a large swath of user continue to run unsupported Windows XP and IE versions, turning their computers into sitting ducks for hackers.

These are only a few specific examples of vulnerabilities — and the worst is yet to come. According to a recent disclosure, there is a zero-day exploit for all 32 and 64-bit versions of Windows versions. The information was revealed by a well-known user, BuggiCorp, who is also willing to sell the source-code of this exploit for $90,000. The user requests the payment to be done in Bitcoin.

Exploit for local privilege escalation (LPE) for a 0day vulnerability in win32k.sys. The vulnerability exists in the incorrect handling of window objects, which have certain properties, and [the vulnerability] exists in all OS [versions], starting from Windows 2000. [The] exploit is implemented for all OS architectures (x86 and x64), starting from Windows XP, including Windows Server versions, and up to current variants of Windows 10. The vulnerability is of “write-what-where” type, and as such allows one to write a certain value to any address [in memory], which is sufficient for a full exploit. The exploit successfully escapes from ILL/appcontainer (LOW), bypassing (more precisely: doesn’t get affected at all [by]) all existing protection mechanisms such as ASLR, DEP, SMEP, etc.

This vulnerability is extremely dangerous since it allegedly lets hackers elevate the privileges of any software process to the system level. It would be interesting to see who buys the code as anyone, from Microsoft to hackers, could do so. For the time being, there is no certainty about whether the exploit is authentic or not. Microsoft is already aware of the existence of this code, but has yet to issue any comments.

RELATED STORIES YOU NEED TO CHECK OUT:

Discussions

Next up

Gears 5 players want more characters in the game

John Taylor avatar. By: John Taylor
2 minute read

Gears 5 is the latest installment in the Gears of War series and has taken the gaming community by storm. Unfortunately, it had a rough […]

Continue Reading

Revolut login not working? Try these methods

Tashreef Shareef avatar. By: Tashreef Shareef
3 minute read

Revolut is a popular banking app offering financial services for smartphone users with features like a pre-paid debit card, currency exchange, peer-to-peer payment, and more. […]

Continue Reading

Do this if you experience Borderlands 3 FPS drops

John Taylor avatar. By: John Taylor
3 minute read

Borderlands 3 is an action role-playing first-person shooter video game that is currently at its 4th installment. Like any sequel, it is far superior to […]

Continue Reading