A free micropatch that fixes a local privilege scaling (LPE) vulnerability in Microsoft's Windows PsExec management tool is now available through the 0patch platform.
This zero-day PsExec is caused by a named pipe pipe hijacking vulnerability (also known as named pipe squatting) that allows intruders to trick PsExec into reopening a maliciously created "named pipeAnd give it to him local system rights.
After the successful exploitation of the error, the threatening agents will be able to perform arbitrary procedures as a Local System that allows them to effectively undertake the use of the machine.
Affects PsExec releases released over the last 14 years
Malware researcher David Wells discovered the vulnerability and made it public on December 9, 2020, 90 days after information Microsoft and failed to correct the error.
While researching vulnerability and creating one proof-of-concept, Wells was able to confirm that zero-day vulnerability affects many versions of Windows from Windows XP to Windows 10.
He also found that it affects many versions of PsExec, starting with v1.72 released in 2006 and ending with PsExec v2.2, the latest version released four years ago, which means that zero-day vulnerability affects all versions of PsExec where were launched for twelve years.
Micropatch is only valid for the latest version of PsExec
Applies to the latest 32-bit and 64-bit PsExec versions, but may be ported to older versions of PsExec depending on users, as Kolsek wrote earlier today.
Source of information: bleepingcomputer.com