New Windows Print Spooler Zero-Day Flaws Harken Back to Stuxnet

by
Fnord666
from SoylentNews on (#56QAV)

upstart writes in with an IRC submission:

New Windows Print Spooler Zero-Day Flaws Harken Back to Stuxnet:

Ten years after the game-changing Stuxnet attack was first discovered, a Windows printer program it exploited has been found to contain additional dangerous zero-day flaws that could allow an attacker to gain a foothold in the network as a privileged user.

The researchers who discovered the new flaws in Microsoft's ubiquitous Windows Print Spooler service say they wanted to see if there still was a way to game Print Spooler for a Stuxnet 2.0-style attack 10 years after the first known cyberweapon attack was unearthed. "We started digging in, looking at the original Stuxnet propagation, and then we found out there were problems. ... We decided to take the Spooler service to the next level, and eventually we found it was not fully patched," explains Tomer Bar, research team leader at Safe Breach, who along with his colleague Peleg Hadar found the flaws that they plan to detail today at Black Hat USA.

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments