Black Hat preview: AI and cloud security take center stage
- by nlqip
Security researchers at SafeBreach, led by Alon Leviev, discovered that Windows Updates could be similarly hacked to force a downgrade of the software on Windows PC.
The researchers were able to show that attacks carried out using this approach could be crafted to bypass verification steps performed during updates, including integrity verification and Trusted Installer enforcement.
The attack created the means to downgrade critical OS components, including DLLs, drivers, and even the NT kernel — leaving a compromised machine unable to install future updates. Attacks were possible in a Windows Updates restoration scenario, creating a vector for unprivileged attackers to abuse the technique.
Source link
lol
Security researchers at SafeBreach, led by Alon Leviev, discovered that Windows Updates could be similarly hacked to force a downgrade of the software on Windows PC. The researchers were able to show that attacks carried out using this approach could be crafted to bypass verification steps performed during updates, including integrity verification and Trusted Installer…
Recent Posts
- Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
- How to reduce cyber risk during employee onboarding
- Germany seizes 47 crypto exchanges used by ransomware gangs
- Police dismantles phone unlocking ring linked to 483,000 victims
- Ahead Adds Former Google Cloud VP To Board To ‘Fuel’ AI, Hybrid Cloud