Sign in / up

back to article Ransomware crew may have exploited Windows make-me-admin bug as a zero-day

The Black Basta ransomware gang may have exploited a now-patched Windows privilege escalation bug as a zero-day, according to Symantec's threat hunters. Microsoft plugged the hole in the Windows Error Reporting Service in the March Patch Tuesdsay, and warned orgs that the vulnerability, tracked as CVE-2024-26169, could allow …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Pascal Monett Silver badge
    Facepalm

    Dear me

    "Windows' werkernel.sys uses a null security descriptor when creating registry keys"

    Let me guess : it was easier to do that than to set a security level equal to that of the user creating the key.

    Obviously, when security is an afterthought, this is what happens.

    3 0 Reply
  2. anthonyhegedus Silver badge

    Security is rather hard to do when the whole basis for the OS is a mess. Bits have been piled on, changed and left there since Windows 95 or before. Much of the OS seems to be there to stop you doing things unless you bought the right licence, rather than stop you doing things because you don't have permissions. And now they're concentrating on adverts and conversions.

    Perhaps if they took teams off the crapware and onto security, and had somebody in charge who had the ethos of "get people to use windows BECAUSE of its features" and not "IN SPITE OF its features" we'd have a secure and well-like system.

    4 1 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like