A French researcher accidentally found a vulnerability in Windows 7 and Windows Server 2008 R2 while working on an update to a Windows security tool.
The vulnerability resides in two misconfigured registry keys for the RPC Endpoint Mapper and DNSCache services that are part of all Windows installations.
French security researcher Clément Labro says: An attacker with access to vulnerable systems can modify these registry keys to activate a subkey typically used by the Windows performance monitoring mechanism.
Performance subkeys are typically used to monitor application performance, and because of that role they also allow developers to load their own DLL files to track performance with special tools.
In modern versions of Windows, these DLLs are usually restricted and run with limited privileges.
It’s still possible in Windows 7 and Windows Server 2008 to download special DLL libraries that work with system-wide privileges, Labro said.
Most security researchers report serious security issues like this to Microsoft when they find them, but in Labro’s case, it was too late.
Labro said he discovered the vulnerability after he released an update to PrivescCheck, a tool that checks for common Windows security misconfigurations that malware could abuse to elevate privileges.
The PrivescCheck update added support for a new set of checks for elevation of privilege techniques.
Labro said: I had no idea that the new checks highlighted a new way to elevate privileges until I started the investigation with a series of alerts that appear on older systems, such as Windows 7, a few days after the release of the tool update.
By that point, it was too late for the researcher to report the issue to Microsoft, and the researcher instead opted to blog about the new method on his personal website.
Both Windows 7 and Windows Server 2008 R2 have officially reached end of life, and Microsoft has stopped providing free security updates for them.
Some security updates are available to Windows 7 users through the paid support program called Extended Support Updates (ESU), but a fix for this issue has not yet been released.
It is not clear whether Microsoft will fix the new vulnerability.
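With no fix available, administrators can audit the two service keys for the kind of weak permissions described above. The following PowerShell is an added example, not code from PrivescCheck or from the researcher; the key paths (the standard service-key location with the short names RpcEptMapper and Dnscache), the Performance subkey name and the list of trusted SIDs are assumptions.

```powershell
# Added example: report ACEs that let non-administrative principals write to
# the two service keys. Paths are assumptions, not values from the article.
$serviceKeys = @(
    'HKLM:\SYSTEM\CurrentControlSet\Services\RpcEptMapper',
    'HKLM:\SYSTEM\CurrentControlSet\Services\Dnscache'
)

# Rights that allow changing a key or creating a subkey beneath it.
$rr = [System.Security.AccessControl.RegistryRights]
$writeRights = [int]($rr::SetValue -bor $rr::CreateSubKey -bor
                     $rr::ChangePermissions -bor $rr::TakeOwnership)

# Principals expected to hold write access (assumed baseline).
$trustedSids = @(
    'S-1-5-18',      # LocalSystem
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

function Get-WeakServiceKeyAce {
    param([string[]]$Path)
    $sidType = [System.Security.Principal.SecurityIdentifier]
    foreach ($key in $Path) {
        if (-not (Test-Path -Path $key)) { continue }
        $rules = (Get-Acl -Path $key).GetAccessRules($true, $true, $sidType)
        foreach ($rule in $rules) {
            $sid = $rule.IdentityReference.Value
            if ($rule.AccessControlType -ne 'Allow') { continue }
            if ($trustedSids -contains $sid) { continue }
            if (([int]$rule.RegistryRights -band $writeRights) -eq 0) { continue }
            $name = $sid   # fall back to the raw SID if it cannot be resolved
            try {
                $nt = [System.Security.Principal.NTAccount]
                $name = $rule.IdentityReference.Translate($nt).Value
            } catch { }
            New-Object PSObject -Property @{
                Key                = $key
                Principal          = $name
                Rights             = $rule.RegistryRights
                Inherited          = $rule.IsInherited
                PerformanceSubkey  = (Test-Path -Path "$key\Performance")
            }
        }
    }
}

Get-WeakServiceKeyAce -Path $serviceKeys | Format-List
```

Any row naming a broad group such as Users or Authenticated Users deserves review, and a Performance subkey that appears under either service without a known reason is worth investigating.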