Today, Microsoft released their latest Patch Tuesday. This Patch includes a fix for vulnerability CVE-2015-0057, an IMPORTANT-rated exploitable vulnerability which we responsibly disclosed to Microsoft a few months ago. As part of our research, we revealed this privilege escalation vulnerability which, if exploited, enables a threat actor to complete control of a Windows machine. In other words, a threat actor that gains access to a Windows machine (say, through a phishing campaign) can exploit this vulnerability to bypass all Windows security measures, defeating mitigation measures such as sandboxing, kernel segregation and memory randomization.

Interestingly, the exploit requires modifying only a single bit of the Windows operating system.


  • There are no comments yet
1 votes

The community with that certain extra

  • 01
    APRS Caching

    Geocaching of a different kind

  • 02
    Online Logbuch

    Manage you QSO's directly on socialhams and share it with your friends

  • 03
    DX Cluster

    Use the worlds first HTML5 based cluster on your mobile device too

  • 04
    Elmer's Corner

    Become an Elmer today and share your knowledge with interested parties