Microsoft responds to 'holy grail' of Windows vulnerabilities

Microsoft finally rolled out a fix for the 'holy grail' of rootkit vulnerabilities in Windows six months after being informed about the problem.


Microsoft has finally addressed what has been described as the "holy grail" of Windows security vulnerabilities after being informed about it six months ago.


Cybersecurity researchers from Avast informed Microsoft of the "holy grail" of security vulnerabilities in Windows, which was used by the North Korean hacking group Lazarus Group. The rootkit vulnerability was an admin-to-kernel exploit associated with the driver for AppLocker, an application-whitelisting feature built into Windows. Notably, the vulnerability was discovered in the input/output dispatcher of appid.sys.

"A user-space attacker could abuse it to essentially trick the kernel into calling an arbitrary pointer. This presented an ideal exploitation scenario, allowing the attacker to call an arbitrary kernel function with a high degree of control over the first argument," said Avast.

Furthermore, Avast claims that Lazarus Group used this specific vulnerability to gain a read/write primitive on the Windows kernel, which was later used to install its FudModule rootkit. Avast said that Microsoft's belated response to the vulnerability demonstrates the company's opinion on the severity of the vulnerability.

"Some Windows components and configurations are explicitly not intended to provide a robust security boundary," Microsoft states on its Security Servicing criteria page. Avast hit back at Microsoft's response: "Microsoft reserves the right to patch admin-to-kernel vulnerabilities at its own discretion."


Jak joined the TweakTown team in 2017 and has since reviewed 100s of new tech products and kept us informed daily on the latest science, space, and artificial intelligence news. Jak's love for science, space, and technology, and, more specifically, PC gaming, began at 10 years old. It was the day his dad showed him how to play Age of Empires on an old Compaq PC. Ever since that day, Jak fell in love with games and the progression of the technology industry in all its forms. Instead of typical FPS, Jak holds a very special spot in his heart for RTS games.
