Techly NewsGet the app

Get the latest tech news

A Flaw in Windows Update Opens the Door to Zombie Exploits


A researcher found a vulnerability that would let hackers strategically downgrade a target’s Windows version to reexpose patched vulnerabilities. Microsoft is working on fixes for the issue.

From there, he developed a proof-of-concept attack that utilized this access to disable the Windows protection known as Virtualization-Based Security (VBS) and ultimately target highly privileged code running in the computer's core “kernel.” With this control, Leviev then found strategies to downgrade multiple key components of Windows, including drivers, which coordinate with hardware peripherals; dynamic link libraries, which contain system programs and data; and, crucially, the NT kernel, which contains the most core instructions for a computer to run. Leviev emphasizes that downgrade attacks are an important threat for the developer community to consider as hackers endlessly seek paths into target systems that are stealthy and difficult to detect.

Get the Android app

Or read this on Wired

Read more on:

Photo of flaw

flaw

Photo of door

door

Photo of Exploits

Exploits

Related news:

News photo

Cybersecurity Researcher Discovers Yet Another Flaw in Georgia’s Voter Cancellation Portal | The flaw would have allowed anyone to submit a voter registration cancellation request for any Georgian using their name date of birth and county of residence — information that is easily discoverable online

News photo

A New Way to Make Element 116 Opens the Door to Heavier Atoms

News photo

Social Media Is Junk Food for Information Foragers • Social media exploits our evolved need for information, feeding us fluff and outright misinformation. A new science of human collective behavior can help us retake control

« Could this new drug turn back the clock on multiple sclerosis?
Fortnite ditches long-standing promise Battle Pass items won't be available to buy later »