Windows 10, Server 2016, and Server 2019 Affected by Zero-Day Vulnerability
Last updated September 21, 2021
Even though Windows 7 and Windows Server 2008 R2 are no longer supported by Microsoft, it cannot be ignored by the community when something severe surfaces. After all, there’s still a respectable number of users who are stuck with these older operating system versions for a range of reasons. That said, “0 Patch” is now pushing a fix for a zero-day bug that concerns a local privilege escalation vulnerability affecting the aforementioned OSes.
To be precise, Microsoft offers a special “Extended Security Updates” program for these operating systems, covering a small number of critical clients. The fix for the discovered bug is to land through that program soon.
However, the update will be free for all through the “0 Patch” program, so everyone is covered. All that you’ll have to do in order to get the patch is to register on the platform and grab the micropatch.
The discovery of the zero-day came from Clément Labro, who has published a detailed write-up on his website. As the researcher explains, the discovered flaw affects both those who are covered by the ESU program and those who received their last patch in January, when the support for Windows 7 ended.
The vulnerability lies in the exploitation of two registry keys by using the Windows Performance Monitoring mechanism to load libraries (DLL) from the privilege of the Local System and not just a local user.
All that an attacker would need is to create a “Performance” subkey in one of the following two keys:
Then, the actor would have to populate the subkey with some values and trigger the performance monitoring, eventually leading to the loading of the DLL and finally to the execution of code. So, in summary, the zero-day bug is a case of incorrect permissions handling.
The fixing micropatch is not making any system-wide changes but instead addresses the problem in the code. Not even a system reboot will be required for the micropatch to be applied, so it’s just a tiny bit that makes a huge difference in security. If you insist on using these older systems, register onto the “0 Patch” platform and keep an eye on the updates and advisories to keep your systems as safe as possible.