[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y ] [Search | Free Show | Home]

Giant Windows hole: remote code execution with system privileges

This is a blue board which means that it's for everybody (Safe For Work content only). If you see any adult content, please report it.
  1. Home
  2. /g/ - Technology
  3. Giant Windows hole: remote code execution with system privileges
Thread replies: 15
Thread images: 3

Anonymous
Giant Windows hole: remote code execution with system privileges 2017-05-09 05:59:05 Post No. 60296285
[Report] Image search: [Google]
File: windows 10 nsa.png (182KB, 500x500px) Image search: [Google]
windows 10 nsa.png
182KB, 500x500px
Giant Windows hole: remote code execution with system privileges Anonymous 2017-05-09 05:59:05 Post No. 60296285 [Report]
I'm surprised there isn't a thread for this.

https://bugs.chromium.org/p/project-zero/issues/detail?id=1252

In short: Microsoft has an unsandboxed JavaScript interpreter running as NT AUTHORITY\SYSTEM since Windows 8 (and Windows 7/Vista if you use Microsoft Security Essentials) that automatically scans network traffic and disk activity. Just browsing a page or receiving a mail (not even opening it) is enough to get pwned.

This is not a joke. Tavis Ormandy has described it as "the worst Windows remote code exec in recent memory". Microsoft has issued an emergency patch: https://technet.microsoft.com/en-us/library/security/4022344
>>
Anonymous 2017-05-09 06:00:28 Post No.60296303
[Report]
Anonymous 2017-05-09 06:00:28 Post No.60296303 [Report]
Wangblows BTFO
>>
Anonymous 2017-05-09 06:03:58 Post No.60296348
[Report]
Anonymous 2017-05-09 06:03:58 Post No.60296348 [Report]
>>60296285
Fuck off lincuck shill
>>
Anonymous 2017-05-09 06:05:53 Post No.60296370
[Report]
Anonymous 2017-05-09 06:05:53 Post No.60296370 [Report]
What can be done with this? Reading the page so far I can not see anything useful.
W7, no security essentials, I don't even give a fuck.
>>
Anonymous 2017-05-09 06:07:45 Post No.60296404
[Report]
Anonymous 2017-05-09 06:07:45 Post No.60296404 [Report]
>>60296285
>I'm surprised there isn't a thread for this.
I saw one this morning, we're over it already. It's not funny anymore
>>
Anonymous 2017-05-09 06:07:59 Post No.60296408
[Report]
Anonymous 2017-05-09 06:07:59 Post No.60296408 [Report]
Microsoft has repeated the error many antivirus vendors have done before:

Symantec: remote root via vulnerable kernel-mode filter drivers https://googleprojectzero.blogspot.com/2016/06/how-to-compro...

ESET NOD32: remote root via vulnerable kernel-mode filter drivers https://googleprojectzero.blogspot.com/2015/06/analysis-and-...

Comodo: code execution vulns in virus scanner https://bugs.chromium.org/p/project-zero/issues/detail?id=76... and installs an insecure web browser and sets it as the default https://bugs.chromium.org/p/project-zero/issues/detail?id=70...

Avast: remote code execution in network traffic filter https://bugs.chromium.org/p/project-zero/issues/detail?id=54...

AVG: installs Chrome extension that leaks your browsing history to anyone who cares to read it https://www.theregister.co.uk/2015/12/29/avg_google_chrome_e...

TrendMicro: remote file access with SYSTEM privilege https://bugs.chromium.org/p/project-zero/issues/detail?id=77...

Kaspersky: a diverse range vulnerabilities over the years, ranging from remote root vulns (https://googleprojectzero.blogspot.com/2015/09/kaspersky-mo-...) to "merely" making all SSL traffic man-in-the-middleable (https://bugs.chromium.org/p/project-zero/issues/detail?id=97...)
>>
Anonymous 2017-05-09 06:09:42 Post No.60296436
[Report]
Anonymous 2017-05-09 06:09:42 Post No.60296436 [Report]
>>60296370
You're not affected, but blocking Javascript should do.

I expect an ad network to get hijacked now with malicious JS
>>
Anonymous 2017-05-09 06:10:15 Post No.60296449
[Report]
Anonymous 2017-05-09 06:10:15 Post No.60296449 [Report]
This is a widows board, newfag lincucks GTFO.
>>
Anonymous 2017-05-09 07:01:31 Post No.60297325
[Report]
Anonymous 2017-05-09 07:01:31 Post No.60297325 [Report]
>>60296285
good thing that im a linux user. other /g/ posters arent that tho.
>>
Anonymous 2017-05-09 07:06:51 Post No.60297405
[Report] Image search: [Google]
Anonymous 2017-05-09 07:06:51 Post No.60297405 [Report]
>>60296285
I'll see your giant hole, and raise you a CIA exploit.
looks like these two are a great match.
>https://wikileaks.org/vault7/#Archimedes
>>
Anonymous 2017-05-09 07:09:28 Post No.60297444
[Report]
Anonymous 2017-05-09 07:09:28 Post No.60297444 [Report]
>>60296285
>meanwhile exploits for millions of Android devices remain because Google is too cucked to force manufacturers to issue timely security patches
>>
Anonymous 2017-05-09 07:17:21 Post No.60297559
[Report]
Anonymous 2017-05-09 07:17:21 Post No.60297559 [Report]
>>60296285
I stoppedal caring a while ago, what is the point of caring? I have a phone, multiple computers, smart tv, electric car, etc. All of which are probrably exploitable if someone cared to hack me or make me crash.
>>
Anonymous 2017-05-09 07:20:30 Post No.60297622
[Report] Image search: [Google]
Anonymous 2017-05-09 07:20:30 Post No.60297622 [Report]
File: 1477038831902.png (22KB, 231x277px) Image search: [Google]
1477038831902.png
22KB, 231x277px
>>60296285
>JS interpreter
>as SYSTEM
how does microsoft come up with these jokes?
>>
Anonymous 2017-05-09 07:39:10 Post No.60297973
[Report]
Anonymous 2017-05-09 07:39:10 Post No.60297973 [Report]
>>60297444
Desktops pay for the Internet mostly flat-rate while mobiles pay for limited quotas and shitty paid content. So it's just profitable for MNOs when android botnets and malware hook their devices on these cash juices.
>>
Anonymous 2017-05-09 07:40:16 Post No.60297989
[Report]
Anonymous 2017-05-09 07:40:16 Post No.60297989 [Report]
>>60297622
>designated pajeet code
Thread posts: 15
Thread images: 3
[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y] [Search | Top | Home]

I'm aware that Imgur.com will stop allowing adult images since 15th of May. I'm taking actions to backup as much data as possible.
Read more on this topic here - https://archived.moe/talk/thread/1694/


If you need a post removed click on it's [Report] button and follow the instruction.
DMCA Content Takedown via dmca.com
All images are hosted on imgur.com.
If you like this website please support us by donating with Bitcoins at 16mKtbZiwW52BLkibtCr8jUg2KVUMTxVQ5
All trademarks and copyrights on this page are owned by their respective parties.
Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from that site.
This means that RandomArchive shows their content, archived.
If you need information for a Poster - contact them.