Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/wdormann/statuses/113131595502204020">Will Dormann (wdormann@infosec.exchange)'s status on Saturday, 14-Sep-2024 03:25:25 JST</a><a href="https://infosec.exchange/@wdormann" title="wdormann@infosec.exchange"><img src="https://gnusocial.jp/avatar/232810-48-20240116185707.webp" width="48" height="48" alt="Will Dormann" style="position: absolute; left: 0; top: 0;">Will Dormann</a></section><article><p>This September's release of CVE-2024-38014 mitigates an entire class of LPE vulnerabilities on Windows. 🎉</p><p>That is, prior to this update, a non-admin user can trigger an MSI repair operation, which might do some unsafe things with SYSTEM privileges.</p><p>After this update, such MSI files will prompt the user for admin credentials.<br><a href="https://sec-consult.com/blog/detail/msi-installer-repair-to-system-a-detailed-journey/" rel="nofollow noreferrer">https://sec-consult.com/blog/detail/msi-installer-repair-to-system-a-detailed-journey/</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3662774#notice-7176746">In conversation</a><time datetime="2024-09-14T03:25:25+09:00" title="Saturday, 14-Sep-2024 03:25:25 JST">about 2 months ago</time> <span>from <span><a href="https://infosec.exchange/@wdormann/113131595502204020" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@wdormann/113131595502204020">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/3165130">Untitled attachment</a></label><br><a href="https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/131/590/878/553/924/original/04e9ba1d9ab88fcc.png" rel="external">https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/131/590/878/553/924/original/04e9ba1d9ab88fcc.png</a></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/3165131">Untitled attachment</a></label><br><a href="https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/131/592/629/630/522/original/04e79a0758ba07c1.png" rel="external">https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/131/592/629/630/522/original/04e79a0758ba07c1.png</a></li><li><article><header><div>Domain not in remote thumbnail source whitelist: sec-consult.com</div><h5><a href="https://sec-consult.com/blog/detail/msi-installer-repair-to-system-a-detailed-journey/">Microsoft Windows MSI Installer - Repair to SYSTEM - A detailed journey</a></h5><div></div></header><div>Repair functions of Microsoft Windows MSI installers can be vulnerable in several ways, for instance allowing local attackers to escalate their privileges to SYSTEM rights. This vulnerability is referenced as CVE-2024-38014.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Will Dormann (wdormann@infosec.exchange)'s status on Saturday, 14-Sep-2024 03:25:25 JST Will Dormann
This September's release of CVE-2024-38014 mitigates an entire class of LPE vulnerabilities on Windows. 🎉
That is, prior to this update, a non-admin user can trigger an MSI repair operation, which might do some unsafe things with SYSTEM privileges.
After this update, such MSI files will prompt the user for admin credentials.
https://sec-consult.com/blog/detail/msi-installer-repair-to-system-a-detailed-journey/
In conversationabout 2 months ago from infosec.exchangepermalink
Attachments
1. Untitled attachment
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/131/590/878/553/924/original/04e9ba1d9ab88fcc.png
2. Untitled attachment
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/131/592/629/630/522/original/04e79a0758ba07c1.png
3. Domain not in remote thumbnail source whitelist: sec-consult.com
  Microsoft Windows MSI Installer - Repair to SYSTEM - A detailed journey
  Repair functions of Microsoft Windows MSI installers can be vulnerable in several ways, for instance allowing local attackers to escalate their privileges to SYSTEM rights. This vulnerability is referenced as CVE-2024-38014.

Public

Embed Notice

HTML Code

Corresponding Notice