.jpg)
A researcher from Google released details of a flaw in the Windows 8.1 operating system (32 and 64 bit), which can result in elevation of privilege.
The fault is at "ahcache.sys / NtApphelpCacheControl", an internal function of Windows. If exploit, an attacker could end up trying to run certain programs with administrator rights.
A Microsoft spokesman acknowledged the existence of the fault. The firm is currently working on a patch that could be available with the first Patch Tuesday of 2015 for Windows. The firm, however, limits the scope of the fault. "It is important to note that an attacker could exploit this vulnerability on an affected system, it should have valid logon credentials and be able to log on locally to the target machine," reassures spokesman Microsoft. "We encourage customers to keep their antivirus software up to date, and install the available security updates and maintain active firewall on their computer. »
It seems that the firm was taken aback by making available to the public information on this fault, while a patch is not yet available.
The flaw was discovered on September 30 by the Google engineer named Forshaw and is listed under the policy "Google Project Zero," which authorizes the disclosure of a flaw 90 days after its discovery. "This bug is subject to the 90 day disclosure period. If 90 days pass without a patch is widely available, then the bug report will be automatically visible to the general public, "Forshaw note at the end of the file on the fault. Nothing, however, that Microsoft was alerted to it.
The proof of feasibility (PoC) that was published contains two executable files and a set of instructions to launch the Windows calculator as administrator. According Forshaw, she did not find at the UAC (User Account Control), but it is used in part in the feasibility of proof of fault.
The PoC was run on Windows 8.1, in 32 and 64 bits. It is not clear if other versions of the operating system are affected.
.jpg)
.jpg)
0 comments