The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

Researchers create Hot Potato exploit for Windows

2016-01-25 16:06 by
Tags:

 

Security researchers from Foxglove Security have combined several Windows vulnerabilities in one exploit, called "Hot Potato". It can be used to break into PCs/systems/laptops running on Windows 7/8/8.1/10 and Windows Server 2008/2010, allowing hackers to gain full control of user's computer.

These exploits were initially discovered in the year 2000 but still these exploits were not patched by Microsoft.

"Hot Potato takes advantage of known issues in Windows to gain local privilege escalation in default configurations, namely NTLM relay -\- specifically HTTP-SMB relay - and NBNS spoofing," Foxglove researcher Stephen Breen says.

"Using this technique, we can elevate our privilege on a Windows workstation from the lowest levels to NT Authority/System – the highest level of privilege available on a Windows machine. "This is important because many organisations unfortunately rely on Windows account privileges to protect their corporate network."

Read more -here-

 

  Post your review/comments
    rate:
   avg:
comment discuss top
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About