Windows Update Can Be Hijacked to Undo Security Patches-Windows Series-php.cn

Home

System Tutorial

Windows Series

Windows Update Can Be Hijacked to Undo Security Patches

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Aug 11, 2024 am 06:43 AM

Windows Update Can Be Hijacked to Undo Security Patches

According to Leviev, he wanted to test the protection Windows offers against downgrade attacks. To his surprise, Windows barely has any fail safes to prevent unauthorized OS rollbacks. The researcher found serious security flaws in Windows Update that he exploited to gain elevated system privileges and breeze past Windows security. Using a custom tool called Windows Downdate, he managed to downgrade system files, drivers, and the Windows kernel (the core program which has full control over the operating system) on Windows 10 and 11.

The downgrades he made remained undetectable and persistent, meaning they were invisible to Windows Update and system recovery tools. They're also irreversible. The attack would trick the victim into thinking their machine is up-to-date (as Windows Update would confirm). But the core components would have been quietly replaced with older versions, exposing them to thousands of already-fixed vulnerabilities.

Leviev also discovered critical flaws in the Windows virtualization security, including Hyper V. Exploiting those flaws, he managed to downgrade and bypass virtualization security features. The researcher warns that Windows might not be the only operating system vulnerable to downgrade attacks.

There have been no attacks in the wild using this attack vector, which is good news. But Leviev demoed it at Black Hat USA 2024 and DEF CON 32 2024. He also reached out to Microsoft in February, when he first identified these threats.

Microsoft has since been working on an update to patch them, but six months later, it’s still not available. “We are actively developing mitigations to protect against these risks while following an extensive process involving a thorough investigation, update development across all affected versions, and compatibility testing, to ensure maximized customer protection with minimized operational disruption,” Microsoft stated in an official response.

Source: Alon Leviev via Safebreach

Your changes have been saved

Email is sent

Email has already been sent

Please verify your email address.

Send confirmation email

You’ve reached your account maximum for followed topics.

The above is the detailed content of Windows Update Can Be Hijacked to Undo Security Patches. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

How to fix KB5055523 fails to install in Windows 11?

4 weeks ago By DDD

How to fix KB5055518 fails to install in Windows 10?

4 weeks ago By DDD

Roblox: Grow A Garden - Complete Mutation Guide

3 weeks ago By DDD

Roblox: Bubble Gum Simulator Infinity - How To Get And Use Royal Keys

3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

How to fix KB5055612 fails to install in Windows 10?

3 weeks ago By DDD

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Java Tutorial

1664

CakePHP Tutorial

1422

Laravel Tutorial

1316

PHP Tutorial

1267

C# Tutorial

1239

Related knowledge

Windows kb5054979 update information Update content list Apr 15, 2025 pm 05:36 PM

KB5054979 is a cumulative security update released on March 27, 2025, for Windows 11 version 24H2. It targets .NET Framework versions 3.5 and 4.8.1, enhancing security and overall stability. Notably, the update addresses an issue with file and directory operations on UNC shares using System.IO APIs. Two installation methods are provided: one through Windows Settings by checking for updates under Windows Update, and the other via a manual download from the Microsoft Update Catalog.

Nanoleaf Wants to Change How You Charge Your Tech Apr 17, 2025 am 01:03 AM

Nanoleaf's Pegboard Desk Dock: A Stylish and Functional Desk Organizer Tired of the same old charging setup? Nanoleaf's new Pegboard Desk Dock offers a stylish and functional alternative. This multifunctional desk accessory boasts 32 full-color RGB

ASUS' ROG Zephyrus G14 OLED Gaming Laptop Is $300 Off Apr 16, 2025 am 03:01 AM

ASUS ROG Zephyrus G14 Esports Laptop Special Offer! Buy ASUS ROG Zephyrus G14 Esports Laptop now and enjoy a $300 offer! Original price is $1999, current price is only $1699! Enjoy immersive gaming experience anytime, anywhere, or use it as a reliable portable workstation. Best Buy currently offers offers on this 2024 14-inch ASUS ROG Zephyrus G14 e-sports laptop. Its powerful configuration and performance are impressive. This ASUS ROG Zephyrus G14 e-sports laptop costs 16 on Best Buy

Got an AMD CPU and Aren't Using PBO? You're Missing Out Apr 12, 2025 pm 09:02 PM

Unlocking Ryzen's Potential: A Simple Guide to Precision Boost Overdrive (PBO) Overclocking your new PC can seem daunting. While performance gains might feel elusive, leaving potential untapped is even less appealing. Fortunately, AMD Ryzen processo

How to Use Windows 11 as a Bluetooth Audio Receiver Apr 15, 2025 am 03:01 AM

Turn your Windows 11 PC into a Bluetooth speaker and enjoy your favorite music from your phone! This guide shows you how to easily connect your iPhone or Android device to your computer for audio playback. Step 1: Pair Your Bluetooth Device First, pa

5 Hidden Windows Features You Should Be Using Apr 16, 2025 am 12:57 AM

Unlock Hidden Windows Features for a Smoother Experience! Discover surprisingly useful Windows functionalities that can significantly enhance your computing experience. Even seasoned Windows users might find some new tricks here. Dynamic Lock: Auto

Microsoft Might Finally Fix Windows 11's Start Menu Apr 10, 2025 pm 12:07 PM

Windows 11's Start Menu Gets a Much-Needed Overhaul Microsoft's Windows 11 Start menu, initially criticized for its less-than-intuitive app access, is undergoing a significant redesign. Early testing reveals a vastly improved user experience. The up

You Can Get The Razer Basilisk V3 Pro Mouse for 39% off Apr 09, 2025 am 03:01 AM

##### Razer Basilisk V3 Pro: High-performance wireless gaming mouse The Razer Basilisk V3 Pro is a high-performance wireless gaming mouse with high customization (11 programmable buttons, Chroma RGB) and versatile connectivity. It has excellent sensors, durable switches and extra long battery life. If you are a gamer looking for a high-quality wireless mouse and need excellent customization options, now is a great time to buy the Razer Basilisk V3 Pro. The promotion cuts prices by 39% and has limited promotion periods. This mouse is larger, 5.11 inches long and 2 inches wide

See all articles