The vulnerability (CVE-2015-0057), rated “important,” affects the Windows kernel-mode driver (Win32k.sys) and is caused by the improper handling of objects in memory. According to Microsoft, an attacker who manages to log in to the targeted system can “gain elevated privileges and read arbitrary amounts of kernel memory,” which would allow them to install software, view and change data, and create new accounts with full administrative rights.
The security hole was identified and reported to Microsoft a few months ago by the security firm enSilo. In a blog post published on Tuesday, enSilo CTO Udi Yavo revealed that they have created a fully working exploit that can be used to bypass all security measures by modifying a single bit in the operating system.
Vulnerability enabled attackers to bypass all Windows protections by changing a single bit
Posted on Friday, Feb 13 2015 @ 12:25 CET by Thomas De Maesschalck