You can upgrade your privileges in just two seconds. How much do hackers want for a new hacking tool?
A new exploit for local Privilege escalation (LPE) in Windows operating systems has appeared on underground hacker forums. According to the seller under the pseudonym "vulns-rock", the exploit affects several versions of Windows at once, including the most recent ones. Среди них: Windows Server 2022, Windows Server 23H2, Windows Server 2019, Windows 10 22H2, Windows 10 21H2, Windows 10 1809, Windows 11 23H2, Windows 11 22H2, Windows 11 21H2.
According to the cybercriminal, who asks for $120,000 for his product, the exploit allows you to raise privileges to the SYSTEM level in just 2 seconds, with a claimed success rate of 99.4%. The exploit is written in C++ and includes the source code and detailed documentation.
In addition, if you believe the information provided, the exploit also has high stability and leaves no traces during execution. This allows attackers to secretly execute code with elevated privileges on compromised systems, which can lead to serious consequences.
The appearance of such an exploit on the market highlights the ongoing threats from cybercriminals and vulnerabilities in widely used operating systems.
More recently, we have already written about another exploit, though not LPE, but RCE type, affecting Microsoft Office products. For it, hackers even asked for a fabulous $1.7 million.
Organizations are encouraged to be vigilant, apply security updates in a timely manner, and implement comprehensive cybersecurity measures to reduce the risks associated with such vulnerabilities and the exploits distributed to them.
A new exploit for local Privilege escalation (LPE) in Windows operating systems has appeared on underground hacker forums. According to the seller under the pseudonym "vulns-rock", the exploit affects several versions of Windows at once, including the most recent ones. Среди них: Windows Server 2022, Windows Server 23H2, Windows Server 2019, Windows 10 22H2, Windows 10 21H2, Windows 10 1809, Windows 11 23H2, Windows 11 22H2, Windows 11 21H2.
According to the cybercriminal, who asks for $120,000 for his product, the exploit allows you to raise privileges to the SYSTEM level in just 2 seconds, with a claimed success rate of 99.4%. The exploit is written in C++ and includes the source code and detailed documentation.
In addition, if you believe the information provided, the exploit also has high stability and leaves no traces during execution. This allows attackers to secretly execute code with elevated privileges on compromised systems, which can lead to serious consequences.
The appearance of such an exploit on the market highlights the ongoing threats from cybercriminals and vulnerabilities in widely used operating systems.
More recently, we have already written about another exploit, though not LPE, but RCE type, affecting Microsoft Office products. For it, hackers even asked for a fabulous $1.7 million.
Organizations are encouraged to be vigilant, apply security updates in a timely manner, and implement comprehensive cybersecurity measures to reduce the risks associated with such vulnerabilities and the exploits distributed to them.
