This update adds support for Windows 7 64-bit.
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
This update improves the reliability by handling scenarios where the attack cannot be performed.
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.
The user can write 0 where he wants. This can be used to write SecurityDescriptor and write system processes. Therefore we can elevate privileges.
An arbitrary memory r/w access issue was found in the Linux kernel compiled with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation errors in the eBPF verifier module, triggered by user supplied malicious BPF program. An unprivileged user could use this flaw to escalate their privileges on a system. Setting parameter "kernel.unprivileged_bpf_disabled=1" prevents such privilege escalation by restricting access to bpf(2) call.
This update improves the module to bypass UAC by adding support for Windows 10.
A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated local attacker, to execute arbitrary commands with SYSTEM user privileges.
This module exploits a vulnerability in snapd which incorrectly validates and parses the remote socket address when performing access controls on its UNIX socket.
A local attacker could use this to access privileged socket APIs and obtain administrator privileges.
This update adds support for more platforms.
A local attacker could use this to access privileged socket APIs and obtain administrator privileges.
This update adds support for more platforms.
Dokan redistributable are vulnerable to a buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability.