VUPEN Vulnerability Research Blog - Advanced Exploitation of Windows Kernel Privilege Escalation

  • 24 July 2013
  • 0 replies

"Hi everyone,

Recently, a very interesting Windows privilege escalation vulnerability was discovered and publicly disclosed by Tavis Ormandy (and he deserves a Pwnie Award 2013 for it!); it was later patched by Microsoft as part of MS13-053. The vulnerability affects the Win32k.sys "EPATHOBJ::pprFlattenRec()" function, and allows an unprivileged user to gain SYSTEM permissions.

While a few codes taking advantage of this vulnerability were published by other researchers, our aim was to create a reliable and universal exploit working on both 32-bit and 64-bit versions of Windows 8, Windows 7, Vista, and XP. We had then to find another exploitation method which works on Windows 8 and prior and which provides instant privilege escalation without suffering from the race condition limitations and/or side effects.

In this blog, we share our findings and exploitation method."

 
Full Article
 
Maybe we can get a comment from one of the Threat Researchers on this?

 
Thanks,

 
TH
