Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce - F-Secure Anti-Virus: privilege escalation via FSGK.SYS

November 2015 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

A local attacker can use the FSGK.SYS driver of F-Secure Anti-Virus, in order to escalate his privileges.

Impacted products: F-Secure AV.

Severity: 2/4.

Creation date: 02/09/2015.

DESCRIPTION OF THE VULNERABILITY

The F-Secure Anti-Virus product installs the Gatekeeper (FSGK.SYS) driver.

However, this driver does not use the FILE_DEVICE_SECURE_OPEN flag, so a local attacker can manipulate the kernel memory allocation.

A local attacker can therefore use the FSGK.SYS driver of F-Secure Anti-Virus, in order to escalate his privileges.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/F...




See previous articles

    

See next articles