Unknown zero-day vulnerability affects all Windows versions, source code offered for $90,000

By: Madeleine Dean

Microsoft proudly boasts that both Windows 10 and its Edge browser are the most secure systems in the world. However, we all know there is no such thing as malware-proof software, and we recently discovered that even Microsoft’s latest OS and its components are vulnerable to threats.

For one, the Windows God Mode hack makes it possible for hackers to command Control Panel options and Settings, using the vulnerability as an access gate for serious malware attacks. Microsoft also warned users about a new macro trick used to activate ransomware. All this while a large swath of users continue to run unsupported Windows XP and IE versions, turning their computers into sitting ducks for hackers.

These are only a few specific examples of vulnerabilities — and the worst is yet to come. According to a recent disclosure, there is a zero-day exploit for all 32- and 64-bit versions of Windows. The information was revealed by a well-known user, BuggiCorp, who is also willing to sell the source code of this exploit for $90,000. The user requests payment in Bitcoin.

Exploit for local privilege escalation (LPE) for a 0day vulnerability in win32k.sys. The vulnerability exists in the incorrect handling of window objects, which have certain properties, and [the vulnerability] exists in all OS [versions], starting from Windows 2000. [The] exploit is implemented for all OS architectures (x86 and x64), starting from Windows XP, including Windows Server versions, and up to current variants of Windows 10. The vulnerability is of “write-what-where” type, and as such allows one to write a certain value to any address [in memory], which is sufficient for a full exploit. The exploit successfully escapes from ILL/appcontainer (LOW), bypassing (more precisely: doesn’t get affected at all [by]) all existing protection mechanisms such as ASLR, DEP, SMEP, etc.

This vulnerability is extremely dangerous since it allegedly lets hackers elevate the privileges of any software process to the system level. It would be interesting to see who buys the code, as anyone, from Microsoft to hackers, could do so. For the time being, there is no certainty about whether the exploit is authentic. Microsoft is already aware of the existence of this code, but has yet to issue any comments.
