SophosLabs revealed a new zero-day exploit in Microsoft Windows which allows an application to elevate permissions while bypassing User Account Control (UAC) in Windows Vista and Windows 7.
The exploit affects all versions of Windows back to Windows XP. An elevation of privilege vulnerability means that malicious code is able to effectively take control of a system even when run in so-called 'sandboxed' environments such as web browsers.
“The exploit takes advantage of a bug in win32k.sys, which is part of the Windows kernel. The flaw is related to the way in which a certain registry key is interpreted and enables an attacker to impersonate the system account, which has nearly unlimited access to all components of the Windows system,” wrote Sophos security advisor Chester Wisniewski on the firm's Naked Security blog.
“There is one mitigation I discovered while researching this exploit. Unfortunately it is somewhat complicated,” said Wisniewski. The SophosLabs Naked Security blog has details of the changes that need to be applied to Windows including registry settings.
Wisniewski posted a YouTube video showing how the exploit works and what can be done about it.