Last week, security researchers Alex Ionescu and Yarden Shafir published an analysis of a new Windows vulnerability that they named PrintDemon. The analysis included a proof-of-concept demonstration that worked on Windows 7 and newer versions of Windows. PrintDemon, in a nutshell, is an elevation of privilege vulnerability that "allows arbitrary writing to the file system" upon successful exploitation. PrintDemon allows a low-privileged user to create a printer port pointing to a file, and then print to that port. If the user has insufficient permissions for writing to said file, Print Spooler service will do that as Local System upon computer…
[Continue Reading]
Aucun commentaire:
Enregistrer un commentaire