Black Hat preview: AI and cloud security take center stage

Computer hacker silhouette of hooded, man using laptop and monitor for steal data. Cyber crime concept.



Security researchers at SafeBreach, led by Alon Leviev, discovered that Windows Updates could be similarly hacked to force a downgrade of the software on Windows PC.

The researchers were able to show that attacks carried out using this approach could be crafted to bypass verification steps performed during updates, including integrity verification and Trusted Installer enforcement.

The attack created the means to downgrade critical OS components, including DLLs, drivers, and even the NT kernel — leaving a compromised machine unable to install future updates. Attacks were possible in a Windows Updates restoration scenario, creating a vector for unprivileged attackers to abuse the technique.



Source link
lol

Security researchers at SafeBreach, led by Alon Leviev, discovered that Windows Updates could be similarly hacked to force a downgrade of the software on Windows PC. The researchers were able to show that attacks carried out using this approach could be crafted to bypass verification steps performed during updates, including integrity verification and Trusted Installer…

Leave a Reply

Your email address will not be published. Required fields are marked *