Article 5CNR0 Windows PsExec Zero-Day Vulnerability Gets a Free Micropatch

Windows PsExec Zero-Day Vulnerability Gets a Free Micropatch

by
Fnord666
from SoylentNews on (#5CNR0)

upstart writes in with an IRC submission:

Windows PsExec zero-day vulnerability gets a free micropatch:

A free micropatch fixing a local privilege escalation (LPE) vulnerability in Microsoft's Windows PsExec management tool is now available through the 0patch platform.

PsExec is a fully interactive telnet-replacement that allows system admins to execute programs on remote systems. PsExec tool is also integrated into and used by enterprise tools to remotely launch executables on other computers.

This PsExec zero-day is caused by a named pipe hijacking (also known as named pipe squatting) vulnerability which allows attackers to trick PsExec into re-opening a maliciously created named pipe and giving it Local System permissions.

After successfully exploiting the bug, threat actors will be able to execute arbitrary processes as Local System which effectively allows them to take over the machine.

[...] "This vulnerability allows an attacker who can already run code on your remote computer as a non-admin (e.g., by logging in as a regular Terminal Server user, or establishing an RDP session as a domain user, or breaking into a vulnerable unprivileged service running on the remote computer) to elevate their privileges to Local System and completely take over the machine as soon as anyone uses PsExec against that machine," Kolsek said.

"For home users and small businesses, this is probably not a high-priority threat, while for large organizations it may be."

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments