Google Researcher Publishes Unpatched Windows 8.1 Security Vulnerability
Bohs Hansen / 2 years ago
Usually, found security exploits are reported before publicised and so was MSRC-20544 exploit for Windows 8.1. But 90 days after the security researcher from Google had reported the flaw to Microsoft, it still wasn’t patched and he instead chose to release the information to the public in order to pressure Microsoft to act and fix the flaw.
Besides just disclosing the flaw, he also shows how to use it and according to feedback it works. The vulnerability allows for an elevation of privilege in ahcache.sys/NtApphelpCacheControl and the blog post also provides a demo application that can launch calc.exe using the exploit. It was only tested on Windows 8.1 and it is not known if prior versions of Windows are affected as well.
Microsoft issued the following response to the vulnerability:
“We are working to release a security update to address an Elevation of Privilege issue. It is important to note that for a would-be attacker to potentially exploit a system, they would first need to have valid logon credentials and be able to log on locally to a targeted machine. We encourage customers to keep their anti-virus software up to date, install all available Security Updates and enable the firewall on their computer.”
So there is a mixture of good and bad news in this exploit. Someone needs to have direct access to your system in order to exploit it and a patch is being worked on. If you’d like to test it on your own system, follow the source link to Google Security where you can find the demo app.