NewsSecurity Vulnerabilities

Microsoft Windows Incorrect Permission Assignment Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information or to create a denial-of-service condition on affected installations of Microsoft Windows.

An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Furthermore, the vulnerable behavior occurs only in certain hardware configurations.

The specific flaw exists within the Volume Manager. The issue results from incorrect permissions set on an object.

An attacker can leverage this vulnerability to disclose information in the context of the kernel.

An attacker can also leverage this to create a denial-of-service condition on the system.

Further details at https://www.zerodayinitiative.com/advisories/ZDI-24-598/

Jason Davies

I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.