The security researchers working with Trend Micro’s Zero Day Initiative (ZDI) have recently published 5 unpatched zero-day bugs in Microsoft Windows, four of which are critical.
Among the five zero-day bugs the security researchers have marked three of the vulnerabilities as dangerous and here they are:-
The above three zero-day bugs are marked as most dangerous among the five, because, they were rated 7.0 on the CVSS score, and their exploitation allows an attacker to increase the privileges on a vulnerable system and execute the code in the context of the current user.
All these vulnerabilities were discovered in the host process splwow64.exe of the user mode of the print driver and are associated with the fact that the data entered by the user is not checked properly until dereferencing it as a pointer.
Moreover, the same host process contained a vulnerability, CVE-2020-0915, which is rated 2.5 on the CVSS score by the security experts.
Specialists informed Microsoft of their findings in December 2019, and the company intended to release a patch as part of May “Tuesday of corrections” in 2020 but did not manage to do this. Only beta versions of fixes were presented to experts.
The latter vulnerability, which has not yet been assigned a CVE identifier, rated 7.0 on the CVSS score. It allows the attackers to increase the privileges and is associated with the processing of WLAN connection profiles.
By creating a malicious profile, an attacker could reveal the credentials of a computer account and use this vulnerability to increase privileges and execute code in the administrator’s context.
Moreover, the security researchers have already informed Microsoft about these problems in January, but the company said it would not release a patch for these vulnerabilities.
Here’s the Full list of five Windows Zero-day Bugs:-
|ZDI ID||ZDI CAN||AFFECTED VENDOR(S)||CVE||PUBLISHED|
Measures to Mitigate These Flaws:-
According to the security experts, right now there are no security patches are available to fix these flaws.
But, if you still want to keep yourself secure, then the only possible way is to avoid using these services. And make sure that only the clients and servers should be permitted to communicate with a legitimate procedural link between them.
So, what do you think about this? Simply share all your views and thoughts in the comment section below.