CVE-2021-28310: A broken window
#1
Exclamation 
Quote:
[Image: cve-2021-28310-featured.jpg]

A zero-day vulnerability in Microsoft Windows may already have been exploited.

Kaspersky researchers have found a zero-day vulnerability (CVE-2021-28310) in a Microsoft Windows component called Desktop Window Manager (DWM). We believe several threat actors have already exploited the vulnerability. Microsoft just released the patch, and we suggest applying it immediately. Here’s why.

What is Desktop Window Manager?

Pretty much everyone is familiar with the windowed interface of modern operating systems:  each program opening in a separate window that doesn’t necessarily take up the whole screen. Windows may overlap, for example, one casting a shadow over others as if it were physically blocking the light. In Microsoft Windows, the component responsible for rendering features such as shadows and transparency is Desktop Window Manager.

To understand why Desktop Window Manager is important in a cybersecurity context, consider that programs don’t just draw their windows on the screen; they put the necessary information in a buffer. Desktop Window Manager grabs that information from each program’s buffer and creates the overall composite view that the user sees. When a user moves one window over another, the open programs don’t know anything about whether their windows should be casting a shadow or having a shadow cast on them, for example. Desktop Window Manager does that job, and as such it is a key service in Windows that has existed in every version of Windows since Vista — and cannot be deactivated in Windows 8 or later versions.

Desktop Window Manager’s vulnerability

The vulnerability our advanced exploit prevention technology discovered is an elevation of privilege vulnerability. That means a program can trick Desktop Window Manager into giving it access that it shouldn’t have. In this case, the vulnerability allowed the attackers to execute arbitrary code on victims’ machines — it essentially gave them full control over the computers.

How to avoid CVE-2021-28310 exploitation

It’s critical to act quickly. Here’s what you can do: ...
Continue Reading
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Kaspersky 21.19.7.527b
Kaspersky 21.19.7....harlan4096 — 09:53
AdGuard Browser Extension 5.0.170 (MV3)
AdGuard Browser Ex...harlan4096 — 09:51
Vivaldi 7.0 Build 3495.18
Vivaldi 7.0 Build ...harlan4096 — 09:50
Brave Search introduces AI follow-up que...
I have used Brave ...harlan4096 — 09:49
Microsoft accused of Malware-like Bing W...
Microsoft released...harlan4096 — 09:48

[-]
Birthdays
Today's Birthdays
avatar (56)Stefanos
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>