Great. Now Microsoft has to develop updates that people can undo but malware can't - and I'll bet that they'll come down firmly on the side of making them hard for malware to undo over making them easy for people to undo.
Your victim's Windows PC fully patched? Just force undo its updates and exploit away
Techniques to forcibly remove security patches from Windows machines so that fixed vulnerabilities are exploitable again were demonstrated this week. These methods are a handy means for rogue users, intruders, and malware that already have a presence on a victim's computer to remove updates supplied by Microsoft so that old …
COMMENTS
Thursday 8th August 2024 05:15 GMT diodesign
Re: Full admin access
Yeah, yeah. We know, that's why our article is upfront about it. We were on the fence about the research and decided in the end to cover this because other outlets, including the Washington Post, were writing about this without mentioning the admin aspect at all.
The PR team for the vendor told us, when we asked, that admin rights are needed or you need a priv'd user to intervene. But Microsoft think it's important enough to warrant a fix and there is an EoP aspect to it.
We're not telling you to panic. We're telling you how it is. Give us some credit!
C.
Friday 16th August 2024 13:20 GMT mpi
"It appears you must already have administrative access...
, or be able to make a privileged account complete some steps"
Ah, so I need to have full control of the system, in order to undo security updates to get full control of the system that I already have full control over so I can have full control over my full control.
Got it.