Windows 0day Exploit Bypasses UAC

There has been a proof-of-concept (POC) in the wild that includes source code containing information on how to exploit a flaw in Windows kernel API RtlQueryRegistryValues, which can lead to privilege elevation.

…

– Zarestel Ferrer on CA Security Advisor Research Blog
