Zero-day exploit instantly grants administrator access on most Linux distributions since 2017
Dirty Frag exploit leaks out, gives immediate root access on most Linux machines since 2017, no patches available, no warning given
Microsoft stated that the vulnerability was not made public at the time, and that no ongoing attacks were using it, but the situation has changed since the discovery date, as recent reports have confirmed that it's now being exploited in the wild . As far as proof-of-concept goes, there's a GitHub repository with some sample code that forces the LSASS service to crash after a minute or so.
The technical details are simple and somewhat facepalm-inducing. The crafted network packet that triggers the vulnerability doesn't have anything all that fancy about it; it just contains one field that's larger than it should be. Data serialization logic in the Netlogon service combines the attacker-supplied data with the server's hostname, resulting in a classic buffer overflow — the most straightforward type of vulnerability.
Microsoft has been in security news quite often recently, mostly thanks to its ongoing spat with security researcher Chaotic Eclipse (aka Nightmare Eclipse), who published a heap of zero-days exploits after apparent negotiations with the company broke down. The situation is unclear, but has escalated to the point where Microsoft is now threatening Eclipse with legal action .
Follow Tom's Hardware on Google News , or add us as a preferred source , to get our latest news, analysis, & reviews in your feeds.
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Key considerations
- Investor positioning can change fast
- Volatility remains possible near catalysts
- Macro rates and liquidity can dominate flows
Reference reading
- https://www.tomshardware.com/tech-industry/cyber-security/SPONSORED_LINK_URL
- https://www.tomshardware.com/tech-industry/cyber-security/windows-server-vulnerability-can-grant-system-privileges-with-just-a-malformed-packet-domain-controllers-are-being-exploited-in-the-wild#main
- https://www.tomshardware.com
- NVIDIA AI Cloud Ecosystem Expands Worldwide to Meet Global AI Compute Demand
- NVIDIA AI Cloud Ecosystem Expands Worldwide to Meet Global AI Compute Demand
- Nvidia says RTX Spark chip will support all major anti-cheat and DRM technologies — Fortnite, Valorant, Denuvo, and more to work natively with Windows on Arm
- Save 78% on Nord's latest Complete VPN package — 27 months of online protection for $107
- Nvidia's RTX Spark could caplitalize where Qualcomm's Arm-based efforts have not — following the expiration of Qualcomm's Windows on Arm deal, Nvidia stands poi
Informational only. No financial advice. Do your own research.