High-risk Windows vulnerability, Microsoft has actually been neglecting it for a year

Even after Microsoft’s patch, the high-risk zero-day Windows vulnerability which can lead to full control of the desktop remains at risk. The fix from Microsoft did not work properly.

This flaw, which was discovered in Windows 8.1 and Windows 10, is a bug that triggers local privilege elevation. An API called Print Spooler, which is CVE-2020-0986, is known to exist. If the workaround works, in the sense of the current user, a local attacker will upload privileges and execute javascript. It encourages you to gain total care of the victim’s system.

“a problem is caused by the Windows kernel not handling objects in memory properly,”a problem is caused by the Windows kernel not properly handling objects in memory,”Attackers who successfully exploit this problem will be able to execute arbitrary code in kernel mode.”Attackers who successfully exploit this issue will be able to execute arbitrary code in kernel mode.”install programs or view, change and delete data”install programs or view, modify and delete data.

It was assessed that, with a score of 8.3 based on CVSS, this weakness has a high degree of risk. Via the Zero Day Project, security firm Pattern Micro discovered and told Microsoft. In December, the vulnerability was found and submitted to Microsoft. Trend Micro clarified that “there is a characteristic that handles the value provided by the user without checking in advance.” the source of the weakness.

For six months, though, even the first fix for this vulnerability has not been made. In May, security firm Kaspersky reported it had witnessed the exploitation of a weakness against a Korean company. At the time, attackers are said to have been exploiting this vulnerability in series with the vulnerability found in Internet Explorer. The campaign was called Operation Powerfall, and the Darkhotel seems to be behind it.

Then, Microsoft eventually released a patch in June. It modified the way artifacts are handled in memory by the Windows kernel. Maddie Stone, a security specialist on the Google Projects team, however, proved that the fix was incomplete in September. And not taking action yet. In other words, it broke the pledge of releasing a fix within 90 days after a flaw was found twice within the sector.

“The patch released by Microsoft in June does not correctly resolve the vulnerability,” Stone said on Twitter. Only criticized. Via daily updates in January, experts expect Microsoft to fix this problem. However, nothing has been officially announced.