It allow a low privileged application to read and write data to a higher privileged application.
If exploited, the weakness in CTF protocol could allow attackers to easily bypass User Interface Privilege Isolation (UIPI), letting even an unprivileged process to:
- read sensitive text from any window of other applications, including passwords out of dialog boxes,
- gain SYSTEM privileges,
- take control of the UAC consent dialog,
- send commands to the administrator's console session, or
- escape IL/AppContainer sandboxes by sending input to unsandboxed windows.
The researcher has also released a custom open-source "CTF Exploration Tool" on Github that he developed and used to discover many critical security issues in the Windows CTF protocol.
Ormandy responsibly reported his findings to Microsoft in mid-May this year and released the details to the public today after Microsoft failed to address the issue within 90 days of being notified.
https://thehackernews.com/2019/08/ctfmon-windows-vulnerabilities.html
No comments:
Post a Comment