A Google Photos flaw could expose your location

A Google Photos flaw could expose your location

A vulnerability in Google Photos, discovered by Imperva, a cyber-security software company, allows ...
Read More
infosec tweaks

What is spear phishing and how can we protect it

In our time, phishing attacks, also known as "phishing," are emerging as a growing threat. So it's very ...
Read More

Hackers-creators of famous Banking Trojans work together for the perfect attack!

Banking Trojans are popular in criminal systems, given the valuable data and financial service credentials that can ...
Read More

What are DoS attacks and what tools are being implemented?

Before the DDoS attacks occur, their predecessors, known as Denial of Service attacks (DoS), formed the ...
Read More
infosec rapidshare

NordVPN: The most reliable VPN service provider

Find Out the Best VPN Service on the Market What is a VPN A Virtual Private Network or VPN,
Read More
Latest Posts

Windows Security Alert: The new exploitation targets 8 to 10

Microsoft sent a patch on Tuesday, which was trying to identify two vulnerabilities that are actively exploiting Windows. The first to target Windows 7 users was released last week by Google security engineer Clement Lecigne. He warned that vulnerability could be used along with his exploitation Chrome to take over Windows systems and updated users to upgrade to Windows 10.


The second defect was detected by Kaspersky Lab saying they have detected a new exploitation vulnerability in Windows, which it believes has been used in targeted attacks by at least two threat carriers.

The exploitation targets Window 8 and Window 10 by using a vulnerability in the Microsoft Windows Graphics subsystem to achieve the escalation of local privileges. This provides the attacker with complete control of the victim's computer.

The vulnerability he exploited was detected by Kaspersky Lab's "Automatic Exploit Prevention".

Kaspersky Lab products detect the exploit as:

HEUR: Exploit.Win32.Generic

HEUR: Trojan.Win32.Generic

PDM: Exploit.Win32.Generic

Kaspersky researchers who discovered the bug, Vasiliy Berdnikov and Boris Larin, say in a blog: "In February of 2019, AEPs detected an attempt to exploit a vulnerability in the Microsoft Windows operating system. Further analysis of this fact led to the discovery of a vulnerability in win32k.sys. »

They add: "CVE-2019-0797 is a rare state in the win32k driver due to the lack of proper synchronization between the unrecorded NtDCompositionDiscardFrame and NtDCompositionDestroyConnection."

This is the fourth parallel exploiting vulnerability of Local Privilege Escalation in Windows that Kaspersky recently discovered.

Researchers believe that localized exploitation could be used by various threatening agents, such as FruityArmor and SandCat.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *