New Unpatched Kernel Bug

A new bug that opens UAC (User Account Control) to attackers has been unveiled to the public. In itself it isn’t a threat, but combined with a second form of malware it can cause a lot of damage. UAC was designed to block silent malware from installing; this bug leaves a big hole where the malware can execute without a UAC prompt.

“Microsoft is aware of the public posting of details of an elevation of privilege vulnerability that may reside in the Windows kernel,” said Jerry Bryant, a group manager with the Microsoft Security Response Center, in an e-mail. “We will continue to investigate the issue and, when done, we will take appropriate action.”

The bug is in the “win32k.sys” file, a part of the kernel, and exists in all versions of Windows, including XP, Vista, Server 2003, Windows 7 and Server 2008, said Sophos researcher Chet Wisniewski in a Thursday blog post.