| Title | Windows PsExec Zero-Day Vulnerability Gets a Free Micropatch | |
| Date | Monday January 11 2021, @12:56PM | |
| Author | Fnord666 | |
| Topic | ||
| from the get-your-free-patches-while-they-last! dept. | ||
Windows PsExec zero-day vulnerability gets a free micropatch:
A free micropatch fixing a local privilege escalation (LPE) vulnerability in Microsoft's Windows PsExec management tool is now available through the 0patch platform.
PsExec is a fully interactive telnet-replacement that allows system admins to execute programs on remote systems. PsExec tool is also integrated into and used by enterprise tools to remotely launch executables on other computers.
This PsExec zero-day is caused by a named pipe hijacking (also known as named pipe squatting) vulnerability which allows attackers to trick PsExec into re-opening a maliciously created named pipe and giving it Local System permissions.
After successfully exploiting the bug, threat actors will be able to execute arbitrary processes as Local System which effectively allows them to take over the machine.
[...] "This vulnerability allows an attacker who can already run code on your remote computer as a non-admin (e.g., by logging in as a regular Terminal Server user, or establishing an RDP session as a domain user, or breaking into a vulnerable unprivileged service running on the remote computer) to elevate their privileges to Local System and completely take over the machine as soon as anyone uses PsExec against that machine," Kolsek said.
"For home users and small businesses, this is probably not a high-priority threat, while for large organizations it may be."
| Links |
printed from SoylentNews, Windows PsExec Zero-Day Vulnerability Gets a Free Micropatch on 2024-04-19 20:18:54