Researchers Demonstrate Windows Downgrade Attacks
Security researchers have demonstrated a new threat to Microsoft Windows users that may leave every system vulnerable. Named ‘Downgrade attacks,’ the technique exploits two zero-day vulnerabilities to roll a fully patched Windows device back to a vulnerable state.
Windows Downgrade Attacks May ‘Unpatch’ Updated Systems
Researchers from SafeBreach have shared a detailed blog post highlighting Downgrade attacks against Windows systems.
As explained, downgrade attacks can ‘unpatch’ a target system, reverting it to a previous system version. Given that every recent system update brings security fixes, reverting a system to an older version revives all the patched vulnerabilities, exposing the system to cyber threats.
The attacks rely on the following two Windows zero-day flaws:
- CVE-2024-38202 (CVSS 7.3; high severity): A privilege escalation vulnerability affecting Windows Backup that allows an attacker to bypass Virtualization Based Security (VBS) and unpatch target systems.
- CVE-2024-21302 (CVSS 6.7; medium severity): A privilege escalation flaw affecting Windows systems that support VBS. Exploiting the flaw allows reintroducing previously patched vulnerabilities, evading VBS features, and stealing data.
The researchers devised a dedicated tool, Downdate, that bypasses security features such as Trusted Installer enforcement and integrity verification, and downgrades critical operating system components such as DLLs, drivers, and the NT kernel. Downgrading components this precisely reintroduces previously patched vulnerabilities without the OS detecting any issue. Hence, the system raises no alarms to the end user about potential vulnerabilities.
In their study, the researchers could easily compromise various OS components, ultimately compromising the VBS UEFI locks without physically accessing the target system. Doing so allowed the researchers to fully downgrade the target system to a former, unpatched, vulnerable state.
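A defender's check for the component rollback described above, as an added example that is not from SafeBreach or the original article: it compares a host's current file-version inventory against a stored baseline and reports components whose version went backwards or that are missing. The inventories, file paths and version numbers are constructed for illustration, and the collector that produces them is assumed.

```python
# Added example: compare two component-version inventories and report downgrades.
# Assumption: a separate collector recorded "path -> file version" for each host,
# and the baseline is stored off the host so a local attacker cannot rewrite it.

# Constructed sample data; paths and version numbers are illustrative only.
BASELINE = {
    r"C:\Windows\System32\ntoskrnl.exe": "10.0.22621.3880",
    r"C:\Windows\System32\ci.dll": "10.0.22621.3880",
    r"C:\Windows\System32\drivers\afd.sys": "10.0.22621.1000",
    r"C:\Windows\System32\securekernel.exe": "10.0.22621.3810",
}
CURRENT = {
    r"c:\windows\system32\NTOSKRNL.EXE": "10.0.22621.3880",   # same version, different case
    r"C:\Windows\System32\ci.dll": "10.0.22621.4000",          # normal update
    r"C:\Windows\System32\drivers\afd.sys": "10.0.22621.999",  # went backwards
    # securekernel.exe is absent from this inventory
}


def parse_version(text):
    """Turn 'a.b.c.d' into a tuple of ints so 999 < 1000 compares correctly."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part version: {text!r}")
    return tuple(int(p) for p in parts)


def find_regressions(baseline, current):
    """Return sorted (path, status, baseline_version, current_version) findings."""
    # Windows paths are case-insensitive, so compare on lower-cased keys.
    seen = {path.lower(): version for path, version in current.items()}
    findings = []
    for path, base in sorted(baseline.items()):
        now = seen.get(path.lower())
        if now is None:
            findings.append((path, "missing", base, None))
        elif parse_version(now) < parse_version(base):
            findings.append((path, "downgraded", base, now))
    return findings


if __name__ == "__main__":
    for path, status, base, now in find_regressions(BASELINE, CURRENT):
        print(f"{status.upper():<10} {path}  baseline={base}  current={now}")
```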
The researchers have shared a demo video of the attack alongside other technical details in their post. They presented their findings at the recently held Black Hat 2024.
For now, the vulnerabilities await a full patch, but Microsoft confirmed that it is working on relevant mitigations in its security update.