Posted on Leave a comment

Microsoft’s Kernel Patch Protection can be Bypassed. Microsoft labeled this as Security Non-Issue.

A Japanese security researcher has identified the critical bug on PatchGuard that can allow loading unsigned malicious code into the Windows Kernel.

A Japanese Security researcher named “Kento Oki” has discovered a critical bug on PatchGuard officially called as” Kernel Patch Protection” which was introduced in 64bit version of Windows XP and Windows 2003 Server Pack 1.

Kento has not reported the issue to Microsoft as the company didn’t consider three other vulnerabilities reported on PatchGuard as a Security issue earlier.

However, researchers has stated that this bug can be weaponized for its ability to plant rootkits in kernel level for launching the sophisticated attacks.

“Microsoft ignore all the three previous reports, with the company arguing that once an attacker has admin rights on a Windows system, it is game over, and any attack escalation is possible.” Stated by The Record.

The researcher has also disclosed how this bug was identified in his blog post and also released the proof-of-concept code for this attack in Github.

–-For more Cyber security news in crisp content . Please follow our site

Leave a Reply