programming.dev
  • Communities
  • Create Post
  • Create Community
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
ylai@lemmy.ml to cybersecurity@infosec.pubEnglish · 1 year ago

Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability

www.theregister.com

external-link
message-square
7
link
fedilink
  • cross-posted to:
  • [email protected]
60
external-link

Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability

www.theregister.com

ylai@lemmy.ml to cybersecurity@infosec.pubEnglish · 1 year ago
message-square
7
link
fedilink
  • cross-posted to:
  • [email protected]
Windows admin-to-kernel exploit went unpatched for 6 months
www.theregister.com
external-link
PLUS: NSA shares cloud security tips; Infosec training for Jordanian women; Critical vulnerabilities
  • The Stoned Hacker@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    depends, they can also loaded via dkms which may not require it

    • Skull giver@popplesburger.hilciferous.nl
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      deleted by creator

      • The Stoned Hacker@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        It kinda depends, on custom kernels DKMS can be incredibly helpful. Like for a hardened kernel, a lot of drivers may be loaded via DKMS.

    • Justin@lemmy.jlh.name
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Yeah, it actually looks like Ubuntu leaves the module signing key accessible to root on the filesystem:

      https://wiki.ubuntu.com/UEFI/SecureBoot#Security_implications_in_Machine-Owner_Key_management

      So root access basically gives you kernel access, if you just sign a malicious kernel module with the MOK.

cybersecurity@infosec.pub

cybersecurity@infosec.pub

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

  • Be kind
  • Limit promotional activities
  • Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 16 users / day
  • 182 users / week
  • 612 users / month
  • 1.76K users / 6 months
  • 107 local subscribers
  • 4.14K subscribers
  • 811 Posts
  • 1.69K Comments
  • Modlog
  • mods:
  • shellsharks@infosec.pub
  • tweedge@infosec.pub
  • BE: 0.19.11
  • Modlog
  • Legal
  • Instances
  • Docs
  • Code
  • join-lemmy.org