Most Windows versions suffer from new zero-day exploit
Published on June 2, 2016
A new zero-day exploit that affects all versions of Windows starting with Windows 2000 has been discovered by Trustwave’s SpiderLabs research team (via BGR). The researchers spotted the exploit being advertised on a Russian hacking forum last month, and the seller, who goes by the nickname “BuggiCorp”, is currently selling it for $95,000.
In this case, the zero-day exploit is a Local Privilege Escalation (LPE) vulnerability in Windows. Trustwave shared the following technical details:
Although such an exploit can’t provide the initial infection vector like a Remote Code Execution (RCE) would, it is still a very much needed puzzle piece in the overall infection process. For instance, an LPE exploit paired with a client-side RCE exploit can allow an attacker to escape an application that implements sandbox protection (For example Google Chrome, Adobe Reader, etc…).
Moreover, an LPE exploit provides the means to persist on an infected machine, which is a crucial aspect when considering APTs (Advanced Persistent Threats). In general terms, this exploit can be leveraged in almost any kind of attack scenario.
Trustwave also notes that the hacker has “put in the effort to present himself/herself as a trustworthy seller with a valid offering”. Indeed, the seller has also posted two different videos of the exploit for potential buyers.
Trustwave researchers have already notified Microsoft about the zero-day offering, but the company has yet to acknowledge the exploit. As this zero-day works in tandem with other exploits, there is no real need to worry yet, though the researchers, who are used to working with Redmond on Windows security, think that this trade in security exploits could be worsening:
Finding a zero day listed in between these fairly common offerings is definitely an anomaly. It goes to show that zero days are coming out of the shadows and are fast becoming a commodity for the masses, a worrying trend indeed.
Radu Tyrsina