Microsoft took 6 months to fix a critical Windows flaw exploited by hackers


Corentin Béchade

March 4, 2024 at 9:45 a.m.


Update your Windows installation © Alexandre Boero / Clubic


This news is unlikely to reassure owners of Windows machines. Just a few weeks ago, Microsoft patched a flaw that was months old.

If you haven’t installed your Windows updates in a while, you had better do so as soon as possible. Microsoft recently deployed a patch for a critical flaw allowing remote code execution with elevated privileges on many versions of Windows 10 and Windows 11, as well as on Windows Server 2019 and 2022 machines.

Right under everyone’s nose

The flaw, poetically named CVE-2024-21338, was discovered by Avast security researchers in August 2023. Nestled in a Windows driver, it allows an attacker to gain, without any user interaction, access to the Windows kernel, the most critical layer of the system. From there, it becomes very easy to disable antivirus software, read data of all kinds and install spyware, all while remaining perfectly invisible to the victim.

To make matters worse, Avast specialists also explained that this flaw has long been exploited by the malicious hacker group Lazarus. “The FudModule rootkit represents one of the most sophisticated tools in Lazarus’ arsenal,” writes Avast, which therefore advises installing the latest Windows security patches as quickly as possible.

Install your updates

For its part, Microsoft limited itself to indicating that the flaw was indeed used, but that “to exploit it an attacker must first connect to the system locally or remotely”. In short, a potential malicious hacker must first gain general access to the machine before siphoning off all the data and gaining kernel-level privileges. While this reduces the attack surface, there are multiple ways to infect a machine remotely before exploiting an invisible vulnerability.

By chaining the execution of several pieces of malware, it then becomes possible to take control of a machine without raising the slightest alert. Microsoft has given no explanation for the delay in fixing the flaw, but the company has at least clarified that the fix has been available for all affected machines since February 13. So you know what you have to do.


Source : Bleeping Computer

Corentin Béchade


A journalist for almost 10 years, I have been in the tech and digital sector since my very first jobs. Tinkerer (a lot), librarian (a little), I have developed a specialization in the themes of ecology and digital technology as well as the protection of private life. On weekends I torture Raspberry Pis with lots of 'sudo' commands to relax.
