Home > Cyber News > Windows Zero-Day Revealed on Twitter, Microsoft Data Sharing Service Affected
CYBER NEWS

Windows Zero-Day Revealed on Twitter, Microsoft Data Sharing Service Affected

A new zero-day Windows vulnerability has been disclosed via the Twitter social network. According to the information released by the security researcher the problem lies within the Microsoft Data Sharing service. It is used to allow data sharing between applications.




Windows Zero-day Vulnerability Caused by the Microsoft Data Sharing Service

A security researcher has disclosed a previously unknown Windows zero-day vulnerability. Information about it was posted on Twitter and according to it a security affects the Microsoft Data Sharing service. This is an important part of the operating system as it allows data sharing between the applications. An in-depth look at the issue shows that hackers can use it to gain elevated privileges when running malicious code. The proof-of-concept code posted was devised to remove files from the machine which normally requires elevated privileges — these are usually system files or protected data.

When modified the code can allow other actions to be executed — files manipulation, system settings access and commands execution. All contemporary versions of Microsoft Windows are affected: Windows 10 (even the October 2018 Update is vulnerable), Server 2016 and Server 2019. Earlier versions are not affected because this component is not available then.

Related Story: [wplinkpreview url=”https://sensorstechforum.com/cve-2018-8453-microsoft-windows-zero-day-vulnerability-used-attacks-worldwide/”]CVE-2018-8453: Microsoft Windows Zero-Day Vulnerability Used in Attacks Worldwide

Abuse of this Windows zero-day vulnerability can lead to system sabotage. A direct consequence is that any non-admin user executing the required command or script can delete any file. When system data is affected this will crash the operating system and force the users to go through the system restore procedure.

7 hours after the Windows zero-day was released a micropatch candidate was announced. It will block the exploit by adding an impersonation to the relevant delete files command. Before being released to the public it will need to be tested for reliability and side effects. Microsoft has not yet commented on the issue or released a patch that amends the problem. It is expected that a fix will be released soon for all affected machines.

Avatar

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...