According to its own information, Microsoft fixed a bug with June Patch Day that could be used by unauthorized persons to extend rights. Now, however, the researcher who discovered the vulnerability reports that the fix is incomplete.
The security gap is about the possible bypassing of security functions of Windows TCP/IP drivers, whereby an attacker would be able to assign further rights to himself and then, for example, load any malicious code onto his victim’s system. The vulnerability is based on a local attack vector with little chance of exploitation, so an attacker must first have direct access to a PC. However, such a problem should not remain unfixed.
Patch is available
The vulnerability was reported to Microsoft by Google Project Zero on March 24th. The company finally confirmed that the June 8 patch update rolled out a fix. Details on the vulnerability can be found in CVE-2021-31970, where Microsoft also appreciates the Google Project Zero report. At the same time, it was confirmed that it is a local attack vector on various operating systems, including Windows 8.1, Windows 10, and Windows Server 2016.
In further investigations of the available update, however, the researcher James Forshaw found that the patch mitigates the exploit of the proof of concept (PoC), but does not really fix the underlying problem and is, therefore, incomplete reports Neowin. The security researcher simply developed a new PoC to show that the exploit is still possible and reported it again to Microsoft on June 18. Since the original 90-day period expired on June 23 without the bug being fully resolved, the exploit is now being published.
I’m a communication enthusiast and junior editor-reporter at Research Snipers RS-NEWS, I have completed a degree in Mass Communication but very enthusiastic about new technology, games, and mobile devices. I have the main interest in Technology and games.