Every software and operating system vendor has been implementing security measures to protect their products.
This is because threat actors need a lot of time to find a zero-day but far less time to find a readily available exploit for a vulnerable version of the software.
This led them to downgrade the latest versions of software to older, vulnerable versions.
An example of this is the BlackLotus UEFI bootkit malware, which downgraded the Windows Boot Manager to a version vulnerable to CVE-2022-21894.
This vulnerability allows threat actors to bypass Secure Boot. Further, the threat actors were able to disable OS security mechanisms and maintain persistent access on the affected systems.
As a matter of fact, the BlackLotus UEFI Bootkit was capable of running on fully patched and up-to-date Windows 11 systems that have Secure Boot enabled.
Further, researchers were able to utilize this attack method and achieve privilege escalation and bypass security features.
Overview
In short, the research uncovered a significant flaw that allowed the researchers to take full control of the Windows Update process.
This also enabled the creation of Windows Downdate, a tool that can downgrade updates while bypassing all verification steps, including integrity verification and Trusted Installer enforcement.
Additionally, after critical OS components including DLLs, drivers and the NT kernel had been downgraded, the OS reported that it was fully updated and was unable to install future updates.
Moreover, the recovery and scanning tools were not able to detect the issues in the operating system.
Escalating the attack further, the researchers successfully downgraded Credential Guard’s Isolated User Mode process, the Secure Kernel, and Hyper-V’s hypervisor to expose past privilege escalation vulnerabilities.
The overview concludes with the discovery of multiple ways to disable Windows virtualization-based security (VBS), including Credential Guard and Hypervisor-Protected Code Integrity (HVCI), even when enforced with UEFI locks.
As a result, a fully patched Windows machine becomes vulnerable to thousands of previously patched vulnerabilities, turning fixed vulnerabilities back into zero-days while the operating system still believes it is “fully patched”.
Windows Update Architecture
According to the reports shared with Cyber Security News and the Windows Documentation, the Windows Update architecture consists of an update client and an update server.
The update client runs with Administrator privileges, while the server side is always enforced by the Trusted Installer.
This means that even Administrators and NT SYSTEM cannot modify the system files; only the Trusted Installer can.
The Windows Update flow performs the following steps:
- At first, the client asks the server to perform the update contained in an update folder
- The server validates the integrity of the update folder
- After verifying, the server operates on the update folder to finalize the update files, which are saved to a server-controlled folder (which the client cannot access)
- The server saves an action list named “pending.xml” to the server-controlled folder; it contains the update actions to perform, including which files to update, the source and destination files, etc.
- Finally, when the OS reboots, the action list is processed and the update actions are performed during the reboot.
Update Folder Investigation
This folder contains the update components, and each update component contains MUM (Windows Update Package file), manifest, differential, and catalog files. The files can be explained as follows:
- MUM files – contain Microsoft Update metadata, including component dependencies, installation order, etc.
- manifest files – contain installation-specific information like file paths, registry keys, which installers to execute as part of the installation, and more.
- differential files – these are delta files from base files. A base file plus a delta file would result in the full update file.
- catalog files – the digital signatures of the MUM and manifest files.
The thing to note here is that only the catalog files are signed; the manifest and MUM files are not explicitly signed.
However, they are covered by the catalog signatures. The differential files are not signed at all, yet they control the final update file content.
On further research, the registry path of the action list had an interesting key named “PoqexecCmdline”, which holds the executable that parses the list together with the list path.
It was also discovered that Trusted Installer was not enforced on this key, so it can be used to control all the update actions.
Additionally, the pending.xml file provides the functionality of creating files, deleting files, moving files, hard-linking files, creating registry keys and values, deleting keys and values, and much more! To downgrade the patches, the source of a file action can be replaced while its destination stays the same.
Attack Methodology
Summarizing the research, no malicious Trusted Installer elevation was needed. The attack was performed through the Windows Update mechanism itself, because the following three actions did not have Trusted Installer enforced:
1. Setting the Trusted Installer service as Auto-Start,
2. Adding the pending.xml path in the registry and
3. Adding the pending.xml identifier in the registry.
Further, the attack proceeded through a legitimate path and was completely undetected.
Since the operations were performed as a system update, the system reports itself as “fully updated” when it has in fact been downgraded.
Persistence was achieved through the action list parser, poqexec.exe, which was not digitally signed.
This poqexec.exe file can be patched so that any newly available updates are installed as empty updates.
A key property of this attack is that the actions performed cannot be reversed.
This is because the repair utility SFC.exe is also not digitally signed, so it too can be patched so that it no longer detects any corruption.
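As a defender-side check added here (this is not code from the article or from SafeBreach), the PowerShell script below records a baseline of file versions for critical Windows components and, on later runs, flags any component whose version has moved backwards, which is what a downgrade looks like on a host that still reports itself as fully updated. It also records the Authenticode status of poqexec.exe and sfc.exe and prints the PoqexecCmdline value so the parser and list path it references can be reviewed. The watched file list, the baseline path and the registry location assumed for PoqexecCmdline (under Session Manager) are assumptions, not values taken from the article.

```powershell
# Added defender-side check (not code from the article or from SafeBreach).
# Records a baseline of file versions for critical components and later flags
# any component whose version went backwards, which is what a downgrade looks
# like when the OS itself still reports "fully updated". Also reports the
# Authenticode status of poqexec.exe and sfc.exe and the PoqexecCmdline value.
# The file list, baseline path and registry location are assumptions.
param(
    [string]$BaselinePath = "$env:ProgramData\component-baseline.json",
    [switch]$Record
)

# Assumed watch list: kernel, Secure Kernel, hypervisor, Credential Guard's
# isolated process, core DLLs and the two binaries named in the article.
$Watched = @(
    "$env:SystemRoot\System32\ntoskrnl.exe",
    "$env:SystemRoot\System32\securekernel.exe",
    "$env:SystemRoot\System32\hvix64.exe",
    "$env:SystemRoot\System32\hvax64.exe",
    "$env:SystemRoot\System32\lsaiso.exe",
    "$env:SystemRoot\System32\ntdll.dll",
    "$env:SystemRoot\System32\kernel32.dll",
    "$env:SystemRoot\System32\poqexec.exe",
    "$env:SystemRoot\System32\sfc.exe"
)

function Get-ComponentVersion {
    param([string]$Path)
    $vi = (Get-Item -LiteralPath $Path -ErrorAction Stop).VersionInfo
    # Use the numeric parts; FileVersion strings carry a "(WinBuild...)" suffix
    [version]::new($vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart)
}

function Get-ComponentState {
    $state = @{}
    foreach ($p in $Watched) {
        if (Test-Path -LiteralPath $p) { $state[$p] = (Get-ComponentVersion $p).ToString() }
    }
    $state
}

if ($Record) {
    # Run once on a known-good, fully patched host to capture the baseline
    Get-ComponentState | ConvertTo-Json | Set-Content -LiteralPath $BaselinePath -Encoding UTF8
    Write-Output "Baseline written to $BaselinePath"
    return
}

if (-not (Test-Path -LiteralPath $BaselinePath)) {
    throw "No baseline at $BaselinePath; run with -Record on a known-good system first."
}
$baseline = Get-Content -LiteralPath $BaselinePath -Raw | ConvertFrom-Json
$current  = Get-ComponentState
$findings = @()

foreach ($p in $Watched) {
    $old = $baseline.$p
    $new = $current[$p]
    if (-not $old -or -not $new) { continue }
    # A version that went backwards is the signature of a downgrade
    if ([version]$new -lt [version]$old) {
        $findings += [pscustomobject]@{ Check = 'VERSION_REGRESSION'; Item = $p; Baseline = $old; Current = $new }
    }
}

# Authenticode status of the two binaries the article says are not signed
foreach ($bin in "$env:SystemRoot\System32\poqexec.exe", "$env:SystemRoot\System32\sfc.exe") {
    if (Test-Path -LiteralPath $bin) {
        $sig = Get-AuthenticodeSignature -LiteralPath $bin
        $findings += [pscustomobject]@{ Check = 'SIGNATURE_STATUS'; Item = $bin; Baseline = 'Valid'; Current = "$($sig.Status)" }
    }
}

# PoqexecCmdline names the action-list parser and the list path; review that it
# still points at the expected parser. The registry location is an assumption.
$smKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
$cmd = (Get-ItemProperty -Path $smKey -Name PoqexecCmdline -ErrorAction SilentlyContinue).PoqexecCmdline
if ($cmd) {
    $findings += [pscustomobject]@{ Check = 'POQEXEC_CMDLINE'; Item = $smKey; Baseline = 'poqexec.exe <list path>'; Current = ($cmd -join ' ') }
}

$findings | Format-Table -AutoSize -Wrap
```

Run it once with `-Record` from an elevated prompt on a host that is known to be clean and fully patched, then run it without arguments on a schedule; a baseline captured on a host that was already downgraded is worthless, so the recording step should happen before the machine is exposed. Two caveats: legitimate servicing can replace a file with a lower-versioned one in rare cases, so a regression is a lead to investigate rather than proof, and Get-AuthenticodeSignature also honours catalog signatures, so the status it reports should be compared with what the same host showed at baseline time rather than read in isolation.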
In addition to this, the researchers were also able to:
- Attack Windows VBS,
- Bypass VBS UEFI Lock,
- Target Secure Mode’s Isolated User Mode Processes,
- Target Secure Mode’s Kernel and
- Target Hyper-V’s Hypervisor
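Because the research shows VBS, Credential Guard and HVCI being switched off even where a UEFI lock is configured, the useful defender check is a comparison between the protection a host is configured to enforce and the protection actually running. The PowerShell below, added here as an example and not code from the article or from SafeBreach, reads the documented Win32_DeviceGuard CIM class for the runtime state and compares it with the configured services; the registry value names used to detect the UEFI lock (the HVCI scenario's `Locked` value and `LsaCfgFlags` for Credential Guard) are assumptions.

```powershell
# Added defender-side check (not code from the article or from SafeBreach).
# Compares what VBS, Credential Guard and HVCI are configured to do with what is
# actually running, so a host whose UEFI-locked policy is still in place but
# whose protections are no longer active stands out. Registry value names for
# the UEFI lock are assumptions; the CIM class is the documented status source.
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard

# Win32_DeviceGuard reports status as integers
$vbsStatus = switch ($dg.VirtualizationBasedSecurityStatus) {
    0 { 'Disabled' }
    1 { 'EnabledNotRunning' }
    2 { 'Running' }
    default { "Unknown($_)" }
}
# Service ids: 1 = Credential Guard, 2 = HVCI (memory integrity)
$configured = @($dg.SecurityServicesConfigured)
$running    = @($dg.SecurityServicesRunning)

function Get-RegDword {
    param([string]$Key, [string]$Name)
    try { (Get-ItemProperty -Path $Key -Name $Name -ErrorAction Stop).$Name } catch { $null }
}
# Assumed lock indicators: HVCI scenario 'Locked' = 1; LsaCfgFlags = 1 means Credential Guard with UEFI lock
$hvciLocked = Get-RegDword 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity' 'Locked'
$lsaCfg     = Get-RegDword 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' 'LsaCfgFlags'

# Confirm-SecureBootUEFI needs elevation and a UEFI system; report 'Unavailable' otherwise
$secureBoot = try { Confirm-SecureBootUEFI } catch { 'Unavailable' }

$report = [pscustomobject]@{
    SecureBoot                = $secureBoot
    VBS                       = $vbsStatus
    CredentialGuardConfigured = $configured -contains 1
    CredentialGuardRunning    = $running -contains 1
    CredentialGuardUefiLock   = ($lsaCfg -eq 1)
    HVCIConfigured            = $configured -contains 2
    HVCIRunning               = $running -contains 2
    HVCIUefiLock              = ($hvciLocked -eq 1)
}
$report | Format-List

# A mismatch between policy and runtime state is the condition to alert on
$alerts = @()
if ($report.CredentialGuardConfigured -and -not $report.CredentialGuardRunning) { $alerts += 'Credential Guard is configured but not running' }
if ($report.HVCIConfigured -and -not $report.HVCIRunning) { $alerts += 'HVCI is configured but not running' }
if (($report.CredentialGuardUefiLock -or $report.HVCIUefiLock) -and $vbsStatus -ne 'Running') { $alerts += 'A UEFI lock is set but VBS is not running' }
if ($alerts) { $alerts | ForEach-Object { Write-Warning $_ } } else { Write-Output 'VBS policy and runtime state agree' }
```

The point of the comparison is that a single status query is not enough: a host can carry a policy that says Credential Guard is enforced with a UEFI lock while the hypervisor, Secure Kernel or isolated process underneath it has been replaced or disabled. Collecting the report centrally from every endpoint and alerting on the configured-but-not-running condition is what turns this into a detection rather than a one-off audit.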
Microsoft issued two CVEs which are CVE-2024-21302 and CVE-2024-38202 along with an official response stating, “We appreciate the work of SafeBreach in identifying and responsibly reporting this vulnerability through a coordinated vulnerability disclosure. We are actively developing mitigations to protect against these risks while following an extensive process involving a thorough investigation, update development across all affected versions, and compatibility testing, to ensure maximized customer protection with minimized operational disruption.”
Furthermore, the complete attack has been presented at Black Hat USA 2024 and a research paper was published.