Researchers have identified a new exploit for a Windows 10 vulnerability identified in May that allowed hackers to escalate their privileges on a target machine.
After the bug came to light, Microsoft issued a patch that was supposed to rectify the issue, but it appears the update failed to guard against an alternative exploit.
According to Maddie Stone, a researcher at Google Project Zero, the Windows 10 flaw can still be abused, with small adjustments to the attack method.
“The original issue was an arbitrary pointer dereference, which allowed the attacker to control the src and dest pointers to a memcpy,” Stone tweeted.
The Microsoft patch was ineffective, she explains, because it “simply changed the pointers to offsets, which still allows control of the args to the memcpy.”
The main fear, when it comes to partial fixes, is that hackers can use knowledge of the original exploit to develop new zero-days with greater ease.
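The bug class Stone describes, as an added illustration that is not Microsoft's code or Stone's proof of concept: swapping caller-supplied pointers for caller-supplied offsets changes nothing unless each offset and the length are validated against the buffer they index. The struct, function names and region size below are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define REGION_SIZE 64 /* constructed size for this example */

/* Hypothetical request whose fields are all caller-controlled. */
struct copy_req {
    size_t src_off;
    size_t dst_off;
    size_t len;
};

/* Offsets-only pattern: no raw pointers are accepted, but the offsets are
 * never checked, so both memcpy arguments remain caller-controlled relative
 * to base. Kept for contrast only; nothing in this file calls it. */
void copy_offsets_unchecked(uint8_t *base, const struct copy_req *r)
{
    memcpy(base + r->dst_off, base + r->src_off, r->len);
}

/* Returns 1 if [off, off + len) lies inside a region of `size` bytes.
 * Written so that off + len is never computed and cannot wrap. */
int range_ok(size_t off, size_t len, size_t size)
{
    return off <= size && len <= size - off;
}

/* Hardened form: both ranges are validated before any byte moves.
 * Returns 0 on success, -1 if the request is rejected. */
int copy_checked(uint8_t *base, size_t size, const struct copy_req *r)
{
    if (!range_ok(r->src_off, r->len, size) ||
        !range_ok(r->dst_off, r->len, size))
        return -1;
    memmove(base + r->dst_off, base + r->src_off, r->len); /* may overlap */
    return 0;
}

int main(void)
{
    uint8_t region[REGION_SIZE] = "ABCD";     /* constructed sample data */
    struct copy_req good = { 0, 8, 4 };       /* stays inside the region */
    struct copy_req bad  = { 0, 62, 4 };      /* would write past the end */
    int ok = copy_checked(region, sizeof region, &good) == 0 &&
             copy_checked(region, sizeof region, &bad) == -1;
    return ok ? 0 : 1;
}
```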
Windows 10 security bug
First identified by researchers at security firm Kaspersky, the bug affects a range of Windows operating systems, including various iterations of Windows 10, Windows Server, Windows 7 and Windows 8.
While the overall vulnerability was rated 7.5/10 by the Common Vulnerability Scoring System (CVSS), it was classified as maximum severity specifically in relation to Windows 10 devices.
Chained with a second flaw present in Internet Explorer 11, the Windows bug was abused by hackers to run malicious code on affected devices that allowed them to escalate their privileges to kernel level.
To demonstrate the vulnerability can still be exploited, Stone published proof-of-concept code based on material made available by Kaspersky with the original disclosure.
Microsoft was alerted to the alternative exploit in mid-September and has acknowledged the issue. The firm intended to roll out a second patch in November, but further complications mean the fix has been postponed until January.
Owners of affected devices will need to wait for the patch to drop in the new year.
Via Bleeping Computer