FeaturesWindows

New Windows 11 Integer Overflow Vulnerability Lets Attackers Elevate Privileges

Hallie Frederick Hallie Frederick
November 28, 2024
1 View
New Windows 11 Integer Overflow Vulnerability Lets Attackers Elevate Privileges
Windows 11 Integer Overflow Vulnerability

A important safety flaw in Home windows 11 has been found, permitting attackers to achieve elevated system privileges by way of an integer overflow vulnerability.

The exploit, which impacts the ksthunk.sys driver was efficiently demonstrated on the current TyphoonPWN 2024 occasion, the place it secured second place.

The vulnerability, discovered within the CKSAutomationThunk::ThunkEnableEventIrp operate of ksthunk.sys, could be exploited by native attackers to achieve elevated privileges within the Home windows working system.

This safety challenge is especially regarding because it impacts Home windows 11 23H2, one of many newest variations of Microsoft’s flagship working system, reads SSD Disclosure advisory.

The exploit takes benefit of an integer overflow that happens throughout the calculation of buffer sizes. By manipulating enter parameters, attackers could cause a heap overflow, which might then be leveraged to execute arbitrary code with system privileges.

Analyze cyber threats with ANYRUN's highly effective sandbox. Black Friday Offers : Get up to 3 Free Licenses.

Key facets of the vulnerability embrace:

  1. Exploitation of the WOW handler for the Kernel Streaming Service
  2. Manipulation of buffer allocation and information copying processes
  3. Bypassing of reminiscence safety mechanisms

Vendor Response and Patch Standing

Regardless of the severity of the vulnerability, Microsoft’s response has been lower than passable. The corporate claimed that the problem was a reproduction and had already been mounted however didn’t present particular patch data or a CVE quantity.

Alarmingly, safety researchers reported that the vulnerability remained exploitable on the newest model of Home windows 11 on the time of discovery, elevating issues concerning the effectiveness of Microsoft’s patching course of.

This vulnerability highlights the continued challenges in sustaining the safety of complicated working techniques. Home windows 11 customers are probably in danger, particularly if the flaw stays unpatched or inadequately addressed.

Safety specialists advise customers to:

  • Maintain their techniques up to date with the newest safety patches
  • Be cautious when working untrusted purposes
  • Monitor for any uncommon system conduct

Leveraging 2024 MITRE ATT&CK Outcomes for SME & MSP Cybersecurity Leaders – Attend Free Webinar

Related Articles

At Sensi Tech Hub, we are more than just a team of individuals working together – we are a family bound by our passion for technology and innovation. Our journey began with a shared vision to create a space where creativity flourishes, ideas come to life, and dreams become reality.

About Us | Contact | Privacy Policy | Terms of Service
Sensi Tech Hub
Logo