Thursday, March 28, 2024

Again Hacker Exposed New Microsoft Unpatched Zero-day Bug In Twitter With PoC

New Microsoft unpatched Zero-day bug exposed in online again along with proof-of-concept(PoC) by the same security researcher who has previously leaked another critical zero-day vulnerability in Twitter.

Previously exposed Windows Zero-day vulnerability exploit online that discovered in Microsoft Windows Task Scheduler.

Twitter name SandboxEscaper, A security researcher famous for leaking Zero-day bugs online along with PoC and now she exposed second Microsoft Zero-day bug.

https://twitter.com/SandboxEscaper/status/1054744201244692485

Also she said, “Not the same bug I posted a while back, this doesn’t write garbage to files but actually deletes them.. meaning you can delete application dll’s and hope they go look for them in user write-able locations. Or delete stuff used by system services c:\windows\temp and hijack them.”

This Vulnerability referred as a Deletebug and it allows non-admins to delete any file by abusing a new Windows service not checking permissions again.

Experts who have analyzed this bug believes that once @SandboxEscaper‘s deletebug.exe  deletes pci.sys on the computer, you can no longer restart it so make sure you test on a virtual machine that you can revert to a state before you ran deletebug.exe.

Mitja Kolsek‏,  Co-founder of 0patch said, This Unpatched Zero-day exactly affecting data sharing service (dssvc.dll)which is only presented in exist on Windows 10 / Server 2016 but not on Windows 7 And Windows 8.

“The Internet seems to know that it crashes a lot and it describes itself as “Provides data brokering between applications.”

Kevin Beaumont who analyzed this Zero-day believes that the current Zero-day that she exposed will only work in Windows 10 and Server 2016 and 2019.

Since this Unpatched Zero-day bug published along with the PoC helps for attackers who can use this PoC to delete OS files and replace the malicious files.

In this case, 0patch released a micropatch candidate for this Unpatched Zero-day, currently working on fully updated Windows 10 1803 that help to stop exploiting the unpatched windows zero-day bugs untill it gets patched by Microsoft.

We hope Microsoft already aware of this bug and possibly the patch will be released in next Microsoft Security updates. Kindly Stay tuned, we will update you with more details about this Zeroday bug soon.

Website

Latest articles

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles