Aerosol Posted May 12, 2015
Win32k Elevation of Privilege Vulnerability. Allows code to be executed in kernel mode. Used by malware to target Windows 7. Apply MS15-051 for fix.
https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html
https://github.com/hfiref0x/CVE-2015-1701
Download
pass: exploit
Source

Nytro Posted May 12, 2015
Super

Nytro Posted May 13, 2015
Tested on Windows 7 - x64. It works. Come on, commenters, aren't you going to complain that he posts junk?

woodgardian Posted May 13, 2015
Aerosol, it's super OK.

gogusan Posted May 13, 2015
> Tested on Windows 7 - x64. It works. Come on, commenters, aren't you going to complain that he posts junk?
f*** Microsoft.... holes left in intentionally

blech Posted May 13, 2015
Someone post a link to the patch from Microsoft.... I can't manage to find it.

gogusan Posted May 13, 2015
There is no patch available for download at the moment, it has only been announced.
Edited May 13, 2015 by gogusan

Aerosol Posted May 16, 2015
Hi, attached is the variant of Sednit which uses local privilege escalation vulnerability CVE-2015-1701
More information: https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html
Download
Pass: infected
Source