Exploit for Windows 8.1 unpatched security flaw

Google security researcher Forshaw published an exploit for an unpatched security flaw targeting Windows 8.1 machines. Forshaw defended his move for publishing the exploit as he has waited for 90 days after reporting to vendor about the flaw. Since then Microsoft has not come with a patch so he has every right to publish it publicly. Exploit is posted  on Google’s security research site revealing full information about the vulnerability and its execution. A privilege escalation vulnerability occurs in the ‘ahcache.sys/NtApphelpCacheControl’ allowing attackers to execute arbitrary code on the vulnerable system. <more>

Leave a Reply

Your email address will not be published. Required fields are marked *