SecurityWeek reports that earlier this week Microsoft plugged a security vulnerability (CVE-2015-0057) that enabled attackers to bypass all security measures in Windows by modifying a single bit. An attacker who gained access to your machine (say, through a phishing campaign) could exploit this bug to bypass all Windows security layers, including sandboxing, kernel segregation and memory randomization.
The vulnerability (CVE-2015-0057), rated “important,” affects the Windows kernel-mode driver (Win32k.sys) and is caused by the improper handling of objects in memory. According to Microsoft, an attacker who manages to log in to the targeted system can “gain elevated privileges and read arbitrary amounts of kernel memory,” which would allow them to install software, view and change data, and create new accounts with full administrative rights.
The security hole was identified and reported to Microsoft a few months ago by the security firm enSilo. In a blog post published on Tuesday, enSilo CTO Udi Yavo revealed that they have created a fully working exploit that can be used to bypass all security measures by modifying a single bit in the operating system.