Sharing is caring!

The error has already been fixed.

Often the security specialists are responsible for patching the holes in the operating system. They search for potential threats and inform developers about required corrections. This was also the case – the Kaspersky group responsible for one of the most recognizable anti-viruses informed Microsoft of a critical error that allowed hackers to take complete control over the computer.

The problem was reported to the Redmond giant on March 17, and the patch was released to users on April 9. The reason for the threat was the vulnerability through which the exploit could use the PowerShell command to retrieve and perform scruples to unpack the HTTP shell code, allocate executable memory, assign the shell code to it, and create a CreateThread call to execute it.

The goal of this treatment was to create a simple HTTP shell that helped the attacker gain full control over the victim’s attack system. It is true that Microsoft states that cybercriminals must first log into the victim system in order to be able to perform subsequent attacks, but this gap remains very dangerous.

CHECK IT OUT :   Windows Lite - new system coming soon?

“Windows has an elevation of privilege vulnerability when the Win32k component does not properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change or delete data; or create new accounts with full user rights, “says Microsoft.

Kaspersky points out that this zero day vulnerability has been actively exploited, but none of the groups responsible for the attack shared the details. The bug was fixed in update CVE-2019-0859 from April 9 and it is recommended to install it as soon as possible.