微软创纪录修复漏洞同日,零日攻击代码遭公开

AI导读

微软发布大量安全补丁后,研究员公开了名为HiveLegacy的零日漏洞利用代码,该漏洞可让低权限Windows账户对管理员账户进行敏感更改。该漏洞存在于Windows用户配置文件服务中,允许受限用户通过修改注册表配置单元来破坏管理员账户。匿名研究员NightmareEclypse已发布九个此类漏洞,并称已简化代码以防恶意利用。

AI Prism 智棱 - AI应用 分类封面图
Right on the heels of Microsoft releasing a record number of security patches, a researcher has published exploit code that can enable low-privilege Windows accounts to make sensitive changes to administrator accounts. The exploit, which multiple researchers say works, is sending Microsoft scrambling, yet again, to patch a zero-day released by an anonymous researcher who has complained about the software maker’s handling of their bug reports. To date, the pseudonymous NightmareEclypse has published nine such exploits, including Tuesday’s HiveLegacy. The researcher said the proof-of-concept code included in the report was stripped down to prevent attackers from using it maliciously. A “pretty powerful primitive” HiveLegacy is an elevation-of-privilege exploit that targets a vulnerability residing in the Windows User Profile Service. It allows users (and with more work likely processes) with limited system rights to compromise an admin user's account by modifying its classes registry hive, a resource that ensures the correct application opens when certain types of files are clicked on in Windows Explorer.Read full article Comments

内容声明

本文内容基于公开市场信息与媒体报道进行整理,部分观点来自社区讨论。如涉及事实性问题,欢迎通过 xurj005@163.com 与我们指正,我们将及时核实并更新。