Elevation of Privilege Vulnerability in Windows Virtualization Based Security
CVE-2024-21302

6.7 MEDIUM

Key Information:

Vendor
Microsoft
Status
Windows 10 Version 1809
Windows Server 2019
Windows Server 2019 (server Core Installation)
Windows Server 2022
Vendor
CVE Published:
8 August 2024

Badges

👾 Exploit Exists
📰 News Worthy

Summary

A vulnerability in Microsoft Windows and Azure Virtual Machines allows attackers with administrative privileges to replace current system files with outdated versions. Such a rollback can reintroduce previously mitigated vulnerabilities, undermine Virtualization Based Security (VBS) measures, and enable the extraction of data protected under VBS. Affected systems include Windows 10, Windows 11, and Windows Server 2016 or higher. Microsoft has released mitigation guidance to use until a security update is available, and it alerts users to the risks associated with the proposed mitigations. It is crucial for users to assess their environment before applying the recommended policies.

Affected Version(s)

Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.20710

Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.7259

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.6189

News Articles

Windows 'Downdate' Attack Makes Patched PCs Vulnerable

Windows 11 machines remain open to downgrade attacks, where attackers can abuse the Windows Update process to revive a patched driver signature enforcement (DSE) bypass.

2 months ago

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel

Discover how a new attack technique bypasses Microsoft’s security, enabling OS downgrade attacks on Windows.

2 months ago

September 2024 Patch Tuesday forecast: Downgrade is the new exploit - Help Net Security

Todd Schell from Ivanti gives his overview of August and forecast for September 2024 Patch Tuesday. Are you ready to get patching?

4 months ago

CVSS V3.1

Score: 6.7
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • 👾 Exploit known to exist

  • Vulnerability published

  • 📰 First article discovered by BleepingComputer

  • Vulnerability Reserved

Collectors

NVD Database, Mitre Database, Microsoft Feed, 8 News Article(s)