
Latest Windows Zero-Day Exploit Bypasses UAC

Sophos has released the details of a newly discovered zero-day exploit in Microsoft's Windows operating system that elevates permissions by bypassing the User Account Control (UAC) found in Windows 7 and Vista.

According to Sophos's Naked Security blog, the zero-day vulnerability is present in all Windows versions going back to Windows XP.

Sophos security expert Chester Wisniewski explained that the flaw exists in the win32k.sys file, a part of the Windows kernel. The flaw can enable a hacker to create a fake system account that could give access to all Windows components.

Even if the flaw is not capable of remote code execution, it could allow users of non-administrator accounts to execute the code and impersonate an administrator.

“The good news? For this to be exploited, malicious code that uses the exploit needs to be introduced. This means your e-mail, web, and anti-virus filters can prevent malicious payloads from being downloaded,” Wisniewski explained.