
The Risk of Unauthorized Modification in Microsoft's Software Updates: A Threat to Your System's Defenses

Security researcher Alon Leviev has discovered a vulnerability in Windows Update that allows attackers to disable security patches without detection. This downgrade attack can potentially compromise fully updated Windows systems and expose them to old threats that Microsoft has already patched.
According to Leviev, he wanted to test the protection Windows offers against downgrade attacks. To his surprise, Windows barely has any fail-safes to prevent unauthorized OS rollbacks. The researcher found serious security flaws in Windows Update that he exploited to gain elevated system privileges and breeze past Windows security. Using a custom tool called Windows Downdate, he managed to downgrade system files, drivers, and the Windows kernel (the core program that has full control over the operating system) on Windows 10 and 11.
The downgrades he made remained undetectable and persistent, meaning they were invisible to Windows Update and system recovery tools. They’re also irreversible. The attack would trick the victim into thinking their machine is up-to-date (as Windows Update would confirm). But the core components would have been quietly replaced with older versions, exposing them to thousands of already-fixed vulnerabilities.
Leviev also discovered critical flaws in Windows virtualization security, including Hyper-V. Exploiting those flaws, he managed to downgrade and bypass virtualization security features. The researcher warns that Windows might not be the only operating system vulnerable to downgrade attacks.
There have been no attacks in the wild using this attack vector, which is good news. But Leviev demoed it at Black Hat USA 2024 and DEF CON 32 2024. He also reached out to Microsoft in February, when he first identified these threats.
Microsoft has since been working on an update to patch them, but six months later, it’s still not available. “We are actively developing mitigations to protect against these risks while following an extensive process involving a thorough investigation, update development across all affected versions, and compatibility testing, to ensure maximized customer protection with minimized operational disruption,” Microsoft stated in an official response.
Source: Alon Leviev via Safebreach
- Author: Daniel
- Created at : 2024-12-04 16:33:04
- Updated at : 2024-12-06 19:00:33
- Link: https://win-answers.techidaily.com/the-risk-of-unauthorized-modification-in-microsofts-software-updates-a-threat-to-your-systems-defenses/
- License: This work is licensed under CC BY-NC-SA 4.0.