An Interest In:
Web News this Week
- March 26, 2024
- March 25, 2024
- March 24, 2024
- March 23, 2024
- March 22, 2024
- March 21, 2024
- March 20, 2024
Windows Users Warned: A new Windows Desktop Vulnerability found.
Desktop Window Managers vulnerability:
Kaspersky researchers have found a zero-day vulnerability (CVE-2021-28310) in a Microsoft Windows component called Desktop Window Manager (DWM).
They said:
"The vulnerability our advanced exploit prevention technology discovered is an elevation of privilege vulnerability. That means a program can trick Desktop Window Manager into giving it access that it shouldnt have. In this case, the vulnerability allowed the attackers to execute arbitrary code on victims machines it essentially gave them full control over the computers."
CVE-2021-28310 is an out-of-bounds (OOB) write vulnerability in dwmcore.dll, which is part of Desktop Window Manager (dwm.exe). Due to the lack of bounds checking, attackers are able to create a situation that allows them to write controlled data at a controlled offset using DirectComposition API.
How to get your pc safe:
Download this pc patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28310
Original Link: https://dev.to/manishfoodtechs/windows-users-warned-a-new-windows-desktop-vulnerability-found-2g3d
Dev To
An online community for sharing and discovering great ideas, having debates, and making friendsMore About this Source Visit Dev To