Author Topic: Windows 0day: Windows Update downgrade attack  (Read 284 times)

0 Members and 1 Guest are viewing this topic.

Offline madiresTopic starter

  • Super Contributor
  • ***
  • Posts: 8206
  • Country: de
  • A qualified hobbyist ;)
Windows 0day: Windows Update downgrade attack
« on: August 08, 2024, 07:10:19 am »
The 0day:
- Windows Update downgrade attack "unpatches" fully-updated systems (https://www.bleepingcomputer.com/news/microsoft/windows-update-downgrade-attack-unpatches-fully-updated-systems/).
- Your victim's Windows PC fully patched? Just force undo its updates and exploit away (https://www.theregister.com/2024/08/08/microsoft_windows_updates/)
- Black Hat 2024 presentation (https://www.blackhat.com/us-24/briefings/schedule/index.html#windows-downdate-downgrade-attacks-using-windows-updates-38963, link to PDF at the end)
- Researcher's blog post: Windows Downdate: Downgrade Attacks Using Windows Updates (https://www.safebreach.com/blog/downgrade-attacks-using-windows-updates/)

Unpatched for 6 months! So much for their 'security first' pledge.
« Last Edit: August 08, 2024, 12:32:59 pm by madires »
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf