Windows 10 News and info | Forum
Topic: Demo Exploit Code Published for Remote Code Execution via Microsoft Edge
Author: javajolt
« on: December 28, 2018, 10:11:08 PM »

Exploit code demonstrating a memory corruption bug in Microsoft's Edge web browser has been published today by the researcher who discovered and reported the vulnerability in the first place. The code can lead to remote code execution on unpatched machines.

The security bug affects Chakra, the JavaScript engine powering Edge, in a way that could allow an attacker to run arbitrary code on the machine with the same privileges as the logged-in user.

Reported by Bruno Keith of the phoenhex team of vulnerability researchers, the flaw has been marked as having a critical impact by Microsoft on most operating systems it affects. The only systems where it has 'moderate' severity are Windows server editions 2019 and 2016.

The proof-of-concept code has 71 lines and results in an out-of-bounds (OOB) memory read leak; the effect may not appear that damaging but an attacker can modify the demo exploit to achieve a more harmful outcome.

"Chakra failed to insert value compensation which causes the headSegmentsym to be reloaded but not the headSegmentLength sym, we, therefore, accessed the new buffer with the wrong length checked," explains a comment in the demo code.

Unpatched systems at risk

There are multiple scenarios where an adversary could see the exploit code pay off, as it would give them complete control over installing programs, viewing, changing, or deleting data, or creating new user accounts with administrative rights.

"In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website," Microsoft notes in its advisory this month.

Adversaries could also use a different approach to infect user computers: placing the exploit code in a location the user is likely to access, such as a website or advertisements, can do the trick just as well, the company added.

Microsoft addressed the issue in the December security updates for Windows. This does not mean that users are all protected, though. Some may not have the update mechanism turned on or postpone installing the updates to a convenient time, while others may depend on a system administrator to install them on their system.

source