Register | Login
BootSkins XP
Cursor FX
Dream
Icon Packager
LogonStudio XP
LogonStudio
Object Dock
Sound Schemes
Suites
WallPapers
WindowBlinds
All

Search
Forum Home | Login
We have re-enabled logins for the forums, please be aware that you may need to reset your password or register for an account again while we continue to restore full functionality.
Uvah
Uvah
Join Date 05/2006
+874

Windows 10: DoubleAgent zero-day hijacks Microsoft tool to turn antivirus into malware

From ZDNet

External Link
March 23, 2017 3:59:54 PM from WinCustomize ForumsWinCustomize Forums

Came across this in yahoo news. 

Search this post
Advanced Search
Subscription Options
Reason for Karma (Optional)
Successfully updated karma reason!
Uvah
codewar65
Join Date 02/2017
+8
Reply #1 March 23, 2017 6:57:35 PM
from WinCustomize ForumsWinCustomize Forums

Ouch! A zero-day attack that targets almost ALL anti virus packages? That's an expensive process to engineer. I wonder if they stumbled onto another Stuxnet class critter.

Reason for Karma (Optional)
Successfully updated karma reason!
Uvah
benmanns
Join Date 12/2005
+93
Reply #2 March 24, 2017 6:19:25 AM
from WinCustomize ForumsWinCustomize Forums

https://wikileaks.org/ciav7p1/

Reason for Karma (Optional)
Successfully updated karma reason!
Uvah
codewar65
Join Date 02/2017
+8
Reply #3 March 24, 2017 7:52:46 AM
from WinCustomize ForumsWinCustomize Forums

Quoting benmanns,
reply 2

https://wikileaks.org/ciav7p1/


Thought so.

Reason for Karma (Optional)
Successfully updated karma reason!

Sign Up or Login and this ad disappears!
There are many great features available to you once you register. Sign Up for a free account and browse the forums without ads.

Uvah
benmanns
Join Date 12/2005
+93
Reply #4 March 24, 2017 10:19:04 AM
from WinCustomize ForumsWinCustomize Forums

Some sources say that the code had been leaked end of Jan and that it could be found on the DN for staggering price.
This is pretty worrying since it could be potentially an opened pandoras box.

 

Reason for Karma (Optional)
Successfully updated karma reason!
Uvah
JcRabbit
Join Date 03/2001
+288
Reply #5 March 24, 2017 1:50:50 PM
from WinCustomize ForumsWinCustomize Forums

Eh? Did you guys watch the video?!

Am I missing something? He uses an ELEVATED cmd window to launch the DoubleAgent executable. Without admin privileges given to it by the user in the first place, DoubleAgent can't do anything. This 'zero-day exploit' is a joke.

Reason for Karma (Optional)
Successfully updated karma reason!
Uvah
Uvah
Join Date 05/2006
+874
Reply #6 March 24, 2017 2:20:09 PM
from WinCustomize ForumsWinCustomize Forums

I read the article but didn't watch the video. Perhaps I should have.

Reason for Karma (Optional)
Successfully updated karma reason!
Uvah
benmanns
Join Date 12/2005
+93
Reply #7 March 24, 2017 3:35:57 PM
from WinCustomize ForumsWinCustomize Forums

Quoting JcRabbit,
reply 5

Eh? Did you guys watch the video?!

Am I missing something? He uses an ELEVATED cmd window to launch the DoubleAgent executable. Without admin privileges given to it by the user in the first place, DoubleAgent can't do anything. This 'zero-day exploit' is a joke.

the command prompt is launched as admin and might not even be necessary to be launched as such?'
You can run a regsvr without admin rights as far as im aware if you call another action to bypass.
 

 

Reason for Karma (Optional)
Successfully updated karma reason!
Uvah
DrJBHL
Join Date 04/2002
+4048 moderator
Reply #8 March 24, 2017 3:36:43 PM
from WinCustomize ForumsWinCustomize Forums

Not all...there are several AVs which have patched the vulnerability.

Reason for Karma (Optional)
Successfully updated karma reason!
View all recent posts
Mark all posts as read Delete cookies created by the forum Return to Top
Stardock Forums v        Server Load Time:   Page Render Time:


Home | About | Privacy | Upload Guidelines | Terms of Service | Help
WinCustomize © 2025 Stardock. All Rights Reserved.