Wednesday, October 15, 2014

ALERT: New Zero Day Identified by Vuln Disclosures - Using the OS to infect PC's

Security Researchers at SLC Security Services LLC have discovered a vulnerability in all versions of Windows that allows attackers to take over a machine when an administrator reboots the computer.

In addition to being able to hook a machine during an administrators reboot we have also determined that the same flaw is present with some programs that are called by the operating system during shutdown or reboot.

The details of the exploit will not be released until we have given Microsoft and Antivirus vendors time to test the vulnerability and roll out patches.

Known Vulnerable:
All Versions of Windows
AVG Antivirus
Symantec Antivirus

We have not tested on any other Antivirus products at this time but the code used to test also was not detected by AV and could also unload AV or completely remove it from a Windows system.

Another researcher may have also discovered the exact same issue although we have not verified this at this time. Another article describes a similar problem to what we are now reporting.

No comments:

Post a Comment