Another Windows 10 Zero-Day Bug Could Allow Overwriting Files With Random Data

  • 679
  •  
  •  
  •  
  •  
  •  
  •  
    679
    Shares

The individual who identified several zero-day flaws in Windows 10 eventually reported another bug in the OS before the end of 2018. As per his findings, another Windows 10 zero-day bug threatened the users as it allowed modifying existing files. Exploiting this vulnerability could let an attacker overwrite files with arbitrary data.

Windows 10 Zero-Day Bug Allowing File Overwrites Discovered

Christmas day brought some annoying news for Microsoft as a researcher highlighted a zero-day vulnerability in its latest Windows OS. Allegedly, the researcher with alias Sandboxescaper dropped another Windows 10 zero-day bug notification online. At that time, they didn’t reveal the details, yet, pledged to provide the PoC in the following days. Before the end of 2018, they even disclosed the proof-of-concept on Github, thus allowing Microsoft to patch the flaw.

As disclosed recently, the bug could allegedly let an attacker overwrite system files with arbitrary data. Giving the PoC, the researcher herself demonstrated how she could overwrite the “pci.sys”. It is a critical system file responsible for correct OS boot.

As demonstrated by the researcher in the exploit, she could cause a DoS state on the target system without necessarily having admin privileges. She first revealed her findings on her Twitter account that is now suspended.

Limitations In The PoC

Though Sandboxescaper could successfully overwrite a system file in her PoC, this is not always workable. According to Will Dormann, Vulnerability Analyst at CERT/CC, the exploit can only work sometimes.

Moreover, the researcher also explained that the exploit may not work on some CPUs. For instance, she couldn’t exploit the bug on a CPU with one core.

While the researcher seemingly informed Microsoft about the vulnerability, Microsoft hasn’t confirmed the report yet. So, we may speculate that, at present, the bug is exploitable.

Take your time to comment on this article.

The following two tabs change content below.
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!