Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Default setting in Windows 7, 8.1 could allow privilege escalation, sandbox escape

Default setting in Windows 7, 8.1 could allow privilege escalation, sandbox escape

2015/03/25

Threatpost - (International) A Google Security Project Zero researcher identified certain default authentication settings in Microsoft's Windows versions 7 and 8.1 that could allow attackers to use cross-protocol NT LAN Manager (NTLM) reflection to attack a local Server Message Block (SMB) server and leverage Web Distributed Authoring and Versioning (WebDAV) to elevate privileges or escape application sandboxes. Microsoft urged users to implement Extended Protection for Authentication (EPA) to mitigate the vulnerability.

Source: https://threatpost.com/default-setting-in-windows-7-8-1-could-allow-privilege-escalation-sandbox-escape/111809

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:23:51