Windows Update downgrade attack "unpatches" fully-updated systems
-
SafeBreach security researcher Alon Leviev revealed at Black Hat 2024 that two zero-days could be exploited in downgrade attacks to "unpatch" fully updated Windows 10, Windows 11, and Windows Server systems and reintroduce old vulnerabilities.
Windows Unupdate
Thanks, security "researchers" :angry: "Microsoft said today that it's still working on a fix for the Windows Update Stack Elevation of Privilege (CVE-2024-38202) and Windows Secure Kernel Mode Elevation of Privilege (CVE-2024-21302) vulnerabilities used by Leviev to elevate privileges, create malicious updates, and reintroduce security flaws by replacing Windows system files with older versions." <-- coming soon in a Windows unupdate near you.
-
SafeBreach security researcher Alon Leviev revealed at Black Hat 2024 that two zero-days could be exploited in downgrade attacks to "unpatch" fully updated Windows 10, Windows 11, and Windows Server systems and reintroduce old vulnerabilities.
Windows Unupdate
Thanks, security "researchers" :angry: "Microsoft said today that it's still working on a fix for the Windows Update Stack Elevation of Privilege (CVE-2024-38202) and Windows Secure Kernel Mode Elevation of Privilege (CVE-2024-21302) vulnerabilities used by Leviev to elevate privileges, create malicious updates, and reintroduce security flaws by replacing Windows system files with older versions." <-- coming soon in a Windows unupdate near you.
"Journey to the Center of the Doh!" - Jules Verne-Simpson
Our Forgotten Astronomy | Object Oriented Programming with C++ | Wordle solver