0-day Windows 10 with Hyper-V allows you to create files in system folders

A reverse-engineering researcher has found a new zero-day vulnerability in most versions of Windows 10. If exploited successfully, it lets an attacker create files in protected areas of the OS.

An attacker can use the flaw to advance an attack, but it only works on computers with Hyper-V.

Researcher Jonas Lykkegaard demonstrated on Twitter how a user without system privileges can create a file in the “system32” directory.

Of course, the need to have Hyper-V enabled significantly limits the number of vulnerable machines, since the feature is disabled by default in Windows 10 Pro, Enterprise and Education.

To demonstrate exploitation of the vulnerability, Lykkegaard created an empty file named phoneinfo.dll in the “system32” folder. Normally, an unprivileged user would need administrator permission to perform such an action. The vulnerability removes the need to obtain elevated permissions on the system.

Since the file's creator is also its owner in this case, an attacker can place malicious code there, which will then be executed with high privileges.

According to Will Dormann, the problem lies in the storvsp.sys (Storage VSP – Virtualization Service Provider) driver, which is a Hyper-V component on the server side.
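Because a file planted this way is owned by the user who created it, ownership is a usable detection signal. The following PowerShell is an added example, not code from the researcher or from Microsoft: it reports whether a storvsp.sys driver is registered on the host and lists files directly under System32 whose owner is not SYSTEM, Administrators or TrustedInstaller. The function names and the trusted-owner list are assumptions made for this illustration.

```powershell
# Added example (hypothetical helper names). Read-only audit, no changes made.

# Well-known SIDs treated as expected owners of files in System32 (assumption).
$TrustedOwnerSids = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # NT SERVICE\TrustedInstaller
)

function Test-StorVspPresent {
    # True if a kernel driver whose image path ends in storvsp.sys is registered,
    # i.e. the Hyper-V component named in the article exists on this host.
    $drv = Get-CimInstance -ClassName Win32_SystemDriver |
        Where-Object { $_.PathName -like '*storvsp.sys' }
    return [bool]$drv
}

function Get-UnexpectedOwnerFile {
    param(
        [string]$Path = (Join-Path $env:windir 'System32'),
        [string[]]$TrustedSid = $TrustedOwnerSids
    )
    Get-ChildItem -LiteralPath $Path -File -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            try {
                $acl = Get-Acl -LiteralPath $_.FullName -ErrorAction Stop
                $sid = $acl.GetOwner([System.Security.Principal.SecurityIdentifier]).Value
            } catch {
                return  # unreadable ACL: skip this file, continue with the next
            }
            if ($TrustedSid -notcontains $sid) {
                [pscustomobject]@{
                    Path       = $_.FullName
                    Owner      = $acl.Owner
                    OwnerSid   = $sid
                    Length     = $_.Length          # the demo file was empty (0 bytes)
                    CreatedUtc = $_.CreationTimeUtc
                }
            }
        }
}

"storvsp.sys driver registered: $(Test-StorVspPresent)"
Get-UnexpectedOwnerFile | Sort-Object CreatedUtc -Descending | Format-Table -AutoSize
```

A file owned by an ordinary user account in this directory, such as the phoneinfo.dll from the demonstration, would appear in the output with that user's SID.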

Lykkegaard also started a thread on Twitter where he discusses the vulnerabilities he has identified. The researcher complained that Microsoft does not pay well enough for reported vulnerabilities, so there is no point in reporting them directly to the tech giant.

Source: anti-malware

