Thursday, January 13, 2011

Windows UAC Malware Threat

The exploit allows an attacker to impersonate the system account

A new zero-day attack against Windows, capable of bypassing the User Access Control (UAC) protections introduced in Windows Vista and designed to prevent malware from gaining administrative access without user authorisation, has been discovered in the wild.

The proof-of-concept implementation of the infection technique, known as Troj/EUDPoC-A, was posted to a Chinese educational forum before being discovered by anti-virus researchers from various security firms.

Chester Wisniewski, of anti-virus vendor Sophos, warns that the technique used by the Trojan enables an attacker to impersonate the system account, which has nearly unlimited access to all components of the Windows system, and does so without triggering the User Access Control protections introduced by Microsoft to prevent exactly that occurring. The flaw currently exists in all versions of Windows.

Please ensure your system is up to date with the latest patches and that your anti-virus has the latest virus definitions.
