New file-deleting Windows zero-day vulnerability unearthed

By Vignesh Giridharan | Published on 26 Oct 2018
HIGHLIGHTS

Security researcher SandboxEscaper has found a Windows vulnerability that is capable of letting exploits delete system DLLs.


A security researcher who goes by the name of SandboxEscaper on Twitter recently shared their discovery of a new zero-day vulnerability in Microsoft Windows, one that is capable of letting an exploit delete system files. The vulnerability affects all recent versions of Windows 10, including the most recent October 2018 Update. In the tweet, SandboxEscaper linked to proof-of-concept code on GitHub that demonstrates the hole in the popular operating system.

This is the second vulnerability discovered by the researcher in a span of two months. Explaining the story around the new vulnerability, SandboxEscaper wrote in a separate tweet, “Not the same bug I posted a while back, this doesn't write garbage to files but actually deletes them.. meaning you can delete application dll's [sic] and hope they go look for them in user write-able locations. Or delete stuff used by system services c:\windows\temp and hijack them.”

According to the researcher, the vulnerability affects the Microsoft Data Sharing service (dssvc.dll), which is a local service for data exchange between applications. When the vulnerability is exploited, the attacker can gain admin permissions to compromise protected data on the computer. They can then delete system DLLs or replace them with malicious ones. 

As mentioned in SandboxEscaper’s tweet, the vulnerability is a low-quality one “that is a pain to exploit”, and Microsoft has so far left it unpatched. Mitja Kolsek, the CEO of ACROS Security and the co-founder of 0patch, confirmed the presence of the vulnerability shortly after SandboxEscaper’s tweet. 0patch then quickly released a micropatch for the vulnerability free of cost and tweeted about it.
