New Windows Downgrade Attack Let Hackers Downgrade Patched Systems To Exploits

29 October 2024

The researcher discovered a vulnerability in the Windows Update process that allowed them to downgrade critical system components, including DLLs, drivers, and the NT kernel. This enabled the attacker to bypass security measures like Secure Boot and expose previously patched vulnerabilities. There are many ways to disable VBS, including Credential Guard and HVCI, even with UEFI locks, demonstrating the potential for significant security risks on fully patched Windows systems.

Source: GBHackers

Date:

29 October 2024

Categorie(s):

NEWS

Tag(s):

Attacks, Cyber Security News, Cyber Threats, Downgrade, Endpoint Security

Rust haters, unite! Fil-C aims to Make C Great Again16 November 2024
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released16 November 2024
Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials16 November 2024
Swiss cheesed off as postal service used to spread malware16 November 2024
Bloke behind Helix Bitcoin launderette jailed for three years, hands over $400M16 November 2024