Sunday, September 15, 2024
18.5 C
London

This Windows Update exploit is downright terrifying

Windows Update could sometimes backfire with faulty patches, however for essentially the most half, it’s meant to maintain us protected from the most recent threats. Microsoft repeatedly pushes new patches that tackle potential vulnerabilities. But what if there have been a device that would undo each Windows Update and go away your PC uncovered to all of the threats Microsoft thought it had already fastened? Bad information: Such a device now exists, and it’s known as Windows Downdate.

Don’t fear, although. You’re protected from Windows Downdate — at the very least for now. The device was developed as a proof-of-concept by SafeBreach researcher Alon Leviev, and though its potential is nothing wanting terrifying, it was made in good religion for instance of one thing known as “white-hat hacking,” the place researchers attempt to discover vulnerabilities earlier than malicious menace actors can do it first.

In the case of Windows Downdate, if this fell into the mistaken palms, the impression may very well be staggering. The exploit depends on a flaw in Windows Update to put in older updates the place sure vulnerabilities haven’t been patched but. Leviev used the device to downgrade dynamic hyperlink libraries (DLL), drivers, and even the NT kernel, which is a core part in Windows. This is achieved whereas bypassing all verification, and the result’s completely invisible and irreversible.

“I was able to make a fully patched Windows machine susceptible to thousands of past vulnerabilities, turning fixed vulnerabilities into zero-days and making the term ‘fully patched’ meaningless on any Windows machine in the world,” mentioned Leviev in a SafeBreach submit. “After these downgrades, the OS reported that it was fully updated and was unable to install future updates, while recovery and scanning tools were unable to detect issues.”

The Windows Downgrade tool
<span class=credit><a href=httpswwwtomshardwarecomsoftwarewindowswindows downdate exposes updated os to old vulnerabilities rel=nofollow noskim noopener target= blank>Alon Leviev SafeBreach<a><span>

Leviev additionally found that all the virtualization stack in Windows was additionally prone to this exploit; the researcher managed to downgrade Credential Guard’s Isolated User Mode Process, Hyper-V’s hypervisor, and Secure Kernel. Leviev even discovered “multiple ways” to show off virtualization-based safety (VBS) in Windows, and this was nonetheless attainable even when UEFI locks have been enforced.

“To my knowledge, this is the first time VBS’s UEFI locks have been bypassed without physical access,” Leviev mentioned.

Windows Downdate can basically undo each safety patch ever created, then trick the PC into considering every little thing is okay because it stealthily exposes it to a whole bunch of various threats. A device resembling this might wreak some critical havoc on any OS, and Leviev suspects that different working techniques, resembling MacOS and Linux, is perhaps in danger as effectively.

The excellent news is that Leviev meant to guard Windows customers from a device resembling this, and the researcher reported his findings to Microsoft in February 2024. Microsoft issued two CVEs in response (CVE-2024-21302 and CVE-2024-38202) and seems to be exhausting at work fixing this vulnerability. Let’s hope that Microsoft is faster to patch this exploit than non-ethical hackers are to make use of it to their very own benefit.

Source

Hot this week

Vehicle conversion: Edo varsity unveils one year industrial training for students

The management of Edo University, Uzairue, has launched a mandatory one-year industrial training for students in the departments of Chemical and Mechanical Engineering to enable them...

Geordie Shore’s Charlotte Crosby causes utter mayhem as she flogs free Oasis tickets

Former Geordie Shore star Charlotte Crosby has set social media alight with an Oasis giveaway in conjunction with her fashion brand Source...

Nvidia’s most underrated DLSS feature deserves far more attention

Nvidia's DLSS is a critical piece of modern PC gaming tech, but one feature of the suite has flown under the radar. Source...

Graham Norton’s reveals ‘nightmare’ Hollywood guest who passed out drunk on stage

Chat show legend Graham Norton opened up about his most memorable episodes - including one where a Hollywood superstar fell asleep on the famous sofa in...

NDLEA busts UK-bound opioid shipment, arrests freight agent, businesswoman

Operatives of the National Drug Law Enforcement Agency have arrested an Ibadan, Oyo State-based businesswoman, Mrs Adewunmi Adebola Dorcas, and an auto parts dealer, Arinze Ora,...

Topics

Vehicle conversion: Edo varsity unveils one year industrial training for students

The management of Edo University, Uzairue, has launched a mandatory one-year industrial training for students in the departments of Chemical and Mechanical Engineering to enable them...

Geordie Shore’s Charlotte Crosby causes utter mayhem as she flogs free Oasis tickets

Former Geordie Shore star Charlotte Crosby has set social media alight with an Oasis giveaway in conjunction with her fashion brand Source...

Nvidia’s most underrated DLSS feature deserves far more attention

Nvidia's DLSS is a critical piece of modern PC gaming tech, but one feature of the suite has flown under the radar. Source...

Graham Norton’s reveals ‘nightmare’ Hollywood guest who passed out drunk on stage

Chat show legend Graham Norton opened up about his most memorable episodes - including one where a Hollywood superstar fell asleep on the famous sofa in...

NDLEA busts UK-bound opioid shipment, arrests freight agent, businesswoman

Operatives of the National Drug Law Enforcement Agency have arrested an Ibadan, Oyo State-based businesswoman, Mrs Adewunmi Adebola Dorcas, and an auto parts dealer, Arinze Ora,...

Police probe killing of Enugu market chairman

The Enugu State Police Command has stated that it has begun a probe into the suspected murder of the Chairman of Ogbete Main Market Traders Association,...

3 BritBox shows you should watch in September 2024

These BritBox shows are a reminder of how different the British TV industry is from Hollywood, often in a good way. Source...

5 years ago, the best crime movie of the 2010s changed the game forever

In 2019, this critically acclaimed movie changed the crime movie genre forever. Five years later, Digital Trends looks back on its legacy. Source...

Related Articles