[German]Security researchers have found a way to abuse the print spooler in Windows and give programs administrative privileges. This can be exploited by malware to implant itself on the system. There is no patch for this bug yet, as the May 2020 update for CVE-2020-1048 can be bypassed.
Advertising
The old vulnerability CVE-2020-1048
CVE-2020-1048 is an elevation of privilege vulnerability in the Windows Print Spooler service. It occurs because the Windows print spooler service incorrectly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could execute arbitrary code with elevated system privileges. He could then install programs, view, modify, or delete data, or create new accounts with full user privileges.
Microsoft describes the vulnerability in this document and released security updates for Windows 7 to Windows 10 on May 12, 2020. However, it seems that Microsoft failed to patch the vulnerability.
Patch for CVE-2020-1048 can be bypassed
Security researchers have now shown that the patch that Microsoft released in May 2020 for CVE-2020-1048 can be bypassed. The bug in Windows print services can still be used to execute malicious code with elevated privileges. The vulnerability has been assigned a new CVE number CVE-2020-1337. A fix in the form of a security update is expected from Microsoft on August 11, 2020. The technical details for the new bug are not yet public. The disclosure will be made together with a proof of concept after the patch is released. Bleeping Computer has compiled a few more details in this article.
Advertising
The price of Microsoft's headlong progress in adding ever more features to Windows is a bug count curve going asymptotic. It seems incapable of fixing already known bugs. How many are yet to be discovered? Will they be discovered? Criminal hackers must be salivating at the prospect.
When will mass migration to Linux commence?
I have always thought that at least half of the security holes are made by the US government to access the computers they need. Of course they will not access those in our houses, but they will access those that interest them. It can't be that so many useless features are added to Windows. The only objective is to open holes and when they are discovered, they add a new function with another hole. I still think that it is safer to use Windows XP and it is false that Windows 10 is better because it is more protected by having patches.