  • This cyberattack downgrades your version of Windows to one unprotected against attacks

    aum


    Your Windows device could be downgraded by this attack

    A version-rollback vulnerability discovered by a security researcher allows a fully patched Windows machine to be downgraded to an older build, re-exposing it to vulnerabilities that earlier patches had already fixed.

     

    Alon Leviev unveiled his findings at Black Hat USA 2024 and DEF CON 32 (2024) as a tool named Windows Downdate.

     

    Leviev says the tool can be used to make "the term 'fully patched' meaningless on any Windows machine in the world."


    Windows Downdate

     

    Leviev set out to find a version-rollback exploit, using Windows Update as the starting point. It turned out Windows Update had a significant flaw that allowed a full takeover of the update process, including downgrading Windows components to older versions.

     

    By turning that access against critical OS components, including dynamic link libraries (DLLs), drivers, and the NT kernel, Leviev was able to make the machine report that it was fully updated while being unable to install any further updates, without recovery and scanning tools detecting anything out of the ordinary.

     

    Leviev then found that the virtualization stack could be tampered with as well, re-exposing components that had been patched against privilege escalation vulnerabilities: Credential Guard's Isolated User Mode process, the Secure Kernel, and Hyper-V's hypervisor were all susceptible.

     

    Finally, Windows virtualization-based security (VBS) was disabled even when protected by UEFI locks. This allowed Leviev to also disable security features such as Credential Guard and Hypervisor-Protected Code Integrity (HVCI). To Leviev's knowledge, "this is the first time VBS's UEFI locks have been bypassed without physical access."

     

    Leviev offers a number of suggestions to make operating systems less vulnerable to downgrade attacks, including:

     

    •     Researching and implementing security measures that check for and prevent the downgrade of critical OS components.
    •     Reviewing all design features as an attack surface, even old ones.
    •     Researching in-the-wild attacks to evaluate whether other components or areas are vulnerable.
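    The first suggestion, checking for downgrades of critical OS components, can be approximated from the administrator's side. The following PowerShell script is an added example, not code from Leviev's research or from the article: it snapshots the file versions and SHA-256 hashes of a set of critical binaries together with the VBS, Credential Guard and HVCI state reported by the Win32_DeviceGuard WMI class, and compares a later snapshot against a stored baseline, flagging any component whose version went down, any binary whose hash changed without a version change, and any security service that stopped running. The file list and the baseline share path are illustrative assumptions.

```powershell
# Added example (not from Leviev's talk or the article): baseline the versions of
# critical OS binaries and the VBS state, then compare a later snapshot against
# that baseline to flag any component whose version went DOWN.
# Assumptions: the file list is illustrative (extend it for your estate) and the
# baseline share path is a placeholder. Run from an elevated PowerShell prompt.

$CriticalFiles = @(
    "$env:SystemRoot\System32\ntoskrnl.exe",     # NT kernel
    "$env:SystemRoot\System32\securekernel.exe", # Secure Kernel (VBS)
    "$env:SystemRoot\System32\hvix64.exe",       # Hyper-V hypervisor, Intel
    "$env:SystemRoot\System32\hvax64.exe",       # Hyper-V hypervisor, AMD
    "$env:SystemRoot\System32\ci.dll",           # Code Integrity
    "$env:SystemRoot\System32\lsass.exe",
    "$env:SystemRoot\System32\lsaiso.exe",       # Credential Guard isolated process
    "$env:SystemRoot\System32\ntdll.dll",
    "$env:SystemRoot\System32\win32k.sys"
)

function Get-ComponentSnapshot {
    $items = foreach ($path in $CriticalFiles) {
        if (-not (Test-Path -LiteralPath $path)) { continue }   # e.g. only one hypervisor binary exists
        $vi = (Get-Item -LiteralPath $path).VersionInfo
        [pscustomobject]@{
            Path    = $path
            # Stored as a string so it round-trips through Export-Clixml unchanged.
            Version = '{0}.{1}.{2}.{3}' -f $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart
            Sha256  = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
        }
    }
    # VBS / Credential Guard / HVCI state as reported by Windows.
    $dg = Get-CimInstance -Namespace root\Microsoft\Windows\DeviceGuard -ClassName Win32_DeviceGuard
    [pscustomobject]@{
        Taken     = (Get-Date).ToString('o')
        Files     = @($items)
        VbsStatus = $dg.VirtualizationBasedSecurityStatus   # 2 = running
        Services  = @($dg.SecurityServicesRunning)          # 1 = Credential Guard, 2 = HVCI
    }
}

function Compare-ComponentSnapshot {
    param(
        [Parameter(Mandatory)] $Baseline,
        [Parameter(Mandatory)] $Current
    )
    $serviceNames = @{ 1 = 'Credential Guard'; 2 = 'HVCI' }
    $findings = @()
    foreach ($b in $Baseline.Files) {
        $c = $Current.Files | Where-Object Path -eq $b.Path
        if (-not $c) { $findings += "MISSING   $($b.Path)"; continue }
        if ([version]$c.Version -lt [version]$b.Version) {
            $findings += "DOWNGRADE $($b.Path): $($b.Version) -> $($c.Version)"
        } elseif ($c.Version -eq $b.Version -and $c.Sha256 -ne $b.Sha256) {
            $findings += "MODIFIED  $($b.Path): same version, different hash"
        }
    }
    if ($Baseline.VbsStatus -eq 2 -and $Current.VbsStatus -ne 2) {
        $findings += "VBS no longer running (status $($Current.VbsStatus))"
    }
    foreach ($svc in $Baseline.Services) {
        if ($Current.Services -notcontains $svc) {
            $name = $serviceNames[[int]$svc]
            if (-not $name) { $name = "service id $svc" }
            $findings += "Security service stopped: $name"
        }
    }
    $findings
}

# Usage: take a baseline right after patching, store it off the host, compare later.
# Get-ComponentSnapshot | Export-Clixml -Path "\\trusted-share\baselines\$env:COMPUTERNAME.xml"
# $base = Import-Clixml -Path "\\trusted-share\baselines\$env:COMPUTERNAME.xml"
# Compare-ComponentSnapshot -Baseline $base -Current (Get-ComponentSnapshot)
```

    Because Windows Downdate leaves the machine reporting itself as fully updated, the point is to compare against a baseline taken right after patching and kept off the host, rather than asking the host whether it is patched. A host that an attacker already fully controls can still lie to a script running on it, so this is a detection aid for fleet monitoring, not a substitute for the OS-level downgrade protections the list calls for.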
