A new exploit, which allows attackers to bypass the UAC (User Account Control) went public last week and now is a cause of concern for many. The bug is present in “win32k.sys” file and exists in all versions of Windows, including XP, Vista, Server 2003, Windows 7 and Server 2008.
According to the public postings, the exploit allows malware that has already been dropped on the system to bypass UAC and get the full control of the system, but the catch is that the exploit requires local access. According to Microsoft, because this is a local elevation-of-privilege issue, it requires attackers to be already able to execute code on a targeted machine.”
Attackers need to combine the exploit with some other malicious code installed on the computer to hijack it and take control.
Windows has downplayed the thread and said that it will continue to investigate the threat and will take appropriate action. Microsoft has not mentioned when it would patch the bug, but it may appear on December 14th, which is the next scheduled patch day.