Newly-discovered zero-day vulnerability affects all versions of Windows
Security firm Trustwave has discovered a zero-day exploit for Windows for sale on an underground Russian hacking forum. A user going by the name BuggiCorp says the vulnerability affects all versions of Microsoft's operating system, from Windows XP and 2000 upwards, including both 32- and 64-bit versions.
The source code for the exploit is offered for upwards of $90,000, and the seller explains that it can be used to elevate the privileges of any software process to SYSTEM level -- the highest there is. Payment is requested in Bitcoin, but while the exploit is considered serious, experts suggest that the asking price is a little high.
Unusually, BuggiCorp is offering exclusivity; he (or she) is only looking for a single buyer. The exploit will almost certainly be sold, but it's not clear whether it will be a would-be hacker, Microsoft, or a security firm that will stump up the cash. While not providing access to the online advert directly, Trustwave has shared details of what BuggiCorp is offering up:
- Source code project based on MSVC2005, with all the source code of the exploit and a demo for the exploit.
- Free of charge updates to address any Windows version that the exploit might not work on (Might be the case with Windows 10 as there is a large number of different builds).
- A detailed write up of the vulnerability details (including the specific vulnerable code in win2k).
- Complementary consultation on integrating the exploit according to your needs (within reason).
- On request -- convert the source code project to a different MSVC version.
Of course, whenever bold claims such as those being made by BuggiCorp appear, there will be those who question their veracity. To answer to doubters, the hacker has published a couple of videos showing the exploit in action. The first shows the zero-day working on a copy of Windows 10 with the May update installed:
The second video shows how the exploit can be used to bypass EMET security: