Microsoft's HVCIScan binary suffers from a dll hijacking vulnerability.
865ceea55981bfe42ef02662844aae4e83d864301172df9484458a4ffd66687fThis write up is an overview of how Microsoft's attempts to manage elevated access to executables via registry entries has added over complexity that still allows for escalation.
b1516a79355be52fa5902480223a989e031dabbe42f666f261b68eb25bbb8331When Microsoft released UTF-8 support for the -A interfaces of the Windows API, it appears to have introduced buffer overrun conditions.
fd54b53140cb0a9c16fc5520fcb15b03b3915d1e37bb7f97c426270dfbc79e9bMicrosoft's CMD.EXE suffers from an integer overflow vulnerability that can cause a denial of service.
0dd89aa95efb736688b5ffc10611f37891e22e136b3e6479a503952ce6a9f6e3The way Microsoft Windows implements file security appears to have some significant shortcomings.
1a9d53b83691e86720f4c510191f9bc7a7352b1a697239a933f41958c7ec6982Microsoft Windows can dupe users into trusting executables with DLL hijacking and privilege escalation issues.
cb269dbc3308c3e9fbe0001388d76caee981689af8bcb73404441bdd457de392A new SAFER bypass was discovered that affects older versions of windows.
af2bc8f393023dfcfdbaf3b86d4f45468c9560916410eab2deed331e64585960Windows 10 Wi-Fi Drivers For Intel Wireless Adapters version 22.30.0 suffer from a privilege escalation vulnerability.
32a3533c7499f0b1656df4f46d4c4091cf67f7d914aa53d3ffec372e45979b20Intel Rapid Storage Technology (RST) User Interface and Driver suffers from a privilege escalation vulnerability.
6c71160434a8022aa6306e32ffb5e3ea17e9aa3bb0bf6410c87cef4fc16fae95Mozilla has a flurry of random vulnerabilities surrounding their installers that haven't been addressed in quite some time.
b102795220f359831e9aaf51558fd518c42ae77372b502782bce1f141699f749This post outlines multiple unsafe practices in Microsoft Windows that can allow for local privilege escalation.
4bc0ba08bfeebdf7043e5c7d7060e65bdb0c48ca36fa23fc83ebabb77e5ff80dIntel Processor Identification Utility version 6.0.0211 suffers from a local privilege escalation vulnerability.
18b5a81e1da4cff60545121275526325503d467e4282f7ffac69136bae2a23cdThe fix that was applied to address a code execution vulnerability in Trend Micro Anti-Threat Toolkit (ATTK) was insufficient.
b9b4e23fba87a6da6a86f939c567edd6b4d826078dea81dcf76c39a0ac44882cWith Windows 10 1607, Microsoft introduced the /DEPENDENTLOADFLAG linker option, a security feature to restrict or limit the search path for DLLs. Two bugs exist with this attempt to limit access.
04f3f470ca90a3089624ef754a9f8aa5c4419a8bfbfe2910545dd4901e3c35cfMicrosoft Windows allows for the automatic loading of a profiling COM object during the launch of a CLR process based on certain environment variables ostensibly to monitor execution. In this case, the authors abuse the profiler by pointing to a payload DLL that will be launched as the profiling thread. This thread will run at the permission level of the calling process, so an auto-elevating process will launch the DLL with elevated permissions. In this case, they use gpedit.msc as the auto-elevated CLR process, but others would work, too.
dca3da70d2a2d1b66b1779e541ee7478df88bc4ec265fa33d2fffcb756920230Intel Rapid Storage Technology User Interface and Driver version 15.9.0.1015 suffers from a dll hijacking vulnerability.
6e7d0ae7e36d2519f2a95dd01eee53eeefd5b81452a1fdfc32e7ec88cc304a15Intel Extreme Tuning Utility version 6.4.1.23 suffers from code execution, privilege escalation, and denial of service vulnerabilities.
8ee640f811b6221313c74122f57a246a37deeed23bca3a80d265d6c2180dfcdaRufus versions 3.0 and 3.1 suffers from dll hijacking vulnerabilities.
902541262838af7644c131737527c42bf33c37e8fdf9cfe5b3446450ac936b8cVMWare Player version 12.5.9 suffers from denial of service and privilege escalation vulnerabilities.
3597a0b8fd935bf73b872a863ad3b14ceb32e92df0c2d8514ae39dca10072a46VMWare Player version 7.1.3 suffers from a dll hijacking vulnerability.
addcd36bab152a4fb435a7853f4b0fce8c524da8267470db669eaea6231daef3Intel Processor Diagnostic Tool (IPDT) versions prior to 4.1.0.27 suffer from three code execution and privilege escalation vulnerabilities.
c6970c00b903e7c20f1d36cf862c9883331d5c92e439e99f419b8b4d7ab7809eMozilla's executable installers are vulnerable to dll hijacking.
667fb44cb2aa120fbd61c8117b32b9ec85ae2bc46b83d6b9d112e9bfb4199dc9Microsoft's Skype home-grown updater suffers from a dll hijacking vulnerability.
216eae84a9fa62444079df49cbfe75e118c010a069585d13c866dc34ddeb3837The PostgreSQL 10 installer for Windows suffers from a dll hijacking vulnerability.
53508de2e1b750287c30bbe3c9bca27c1d738c50051878d731c03da7ff37006cKaspersky Privacy Cleaner suffers from insecure transit, DLL hijacking, and various other security vulnerabilities.
8f2810bd5ad744f949537fc25373ace8e43e63a2c6c16725e840e49ca14d8c20
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed