Researchers circumvent Windows protection mechanisms via GUI vulnerability
Until Tuesday's Patch Tuesday release, an attacker with access to a Windows system could circumvent Windows' security mechanisms by flipping a single bit. An attacker with low access privileges could thereby obtain administrative access.
The vulnerability was located in the part of the Windows kernel that is responsible for the GUI. Specifically, it was in a DLL that handles scroll bars in windows. By manipulating one bit, the researchers were able to circumvent security mechanisms that, for example, prevent injected data from being executed in memory.
Microsoft patched the vulnerability on Tuesday as part of its Patch Tuesday release. The problem has been present in all versions of Windows since XP, including the technical preview of Windows 10. “We’ve shown that you can take complete control of a Windows system with a small bug,” the researchers said.
While the vulnerability does not allow access to a system from outside, it lets attackers who already have access greatly expand it, up to administrative access. The flaw could therefore be used together with another exploit.