Security Researchers at SLC Security Services LLC have discovered a vulnerability in all versions of Windows that allows attackers to take over a machine when an administrator reboots the computer.
In addition to being able to hook a machine during an administrators reboot we have also determined that the same flaw is present with some programs that are called by the operating system during shutdown or reboot.
The details of the exploit will not be released until we have given Microsoft and Antivirus vendors time to test the vulnerability and roll out patches.
Known Vulnerable:
All Versions of Windows
AVG Antivirus
Symantec Antivirus
We have not tested on any other Antivirus products at this time but the code used to test also was not detected by AV and could also unload AV or completely remove it from a Windows system.
Another researcher may have also discovered the exact same issue although we have not verified this at this time. Another article describes a similar problem to what we are now reporting.
The purpose of this page is to provide awareness to individuals and organizations that are leaking information and the information of their customers. The entities listed on this site are verified to be leaking personal information sometimes without the company even being aware. SLC Security is now owned and operated by Jigsaw Security Enterprise. We are currently in process and as such this blog will eventually be taken offline and merged with Jigsaw Security resources.
Wednesday, October 15, 2014
ALERT: New Zero Day Identified by Vuln Disclosures - Using the OS to infect PC's
Labels:
Advisory,
Alert,
Technology Share Program
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment