Wednesday, February 1, 2023
spot_img
HomeCyber Security BlogsMicrosoft Store Games could be Modified for Extra Privileges on Windows

Microsoft Store Games could be Modified for Extra Privileges on Windows

In the recent past, Microsoft had announced that it has begun allowing mods on certain games available on its store. Mods simply means that a user can modify certain files or parts of the game to customize the look and the feel of the game. A researcher at IOActive, a Cybersecurity service provider, felt that this might lead to the exploitation of vulnerabilities, if any, on the Microsoft store which could affect millions of Windows users.

The researcher, Donato Ferrente, who is also a security consultant at IOActive, downloaded and analyzed the entire installation process of a game which was supposed to have mods. He discovered a vulnerability, which was then named as CVE-2020-16877, which could be used by attackers to gain extra privileges over the Windows system. Ferrente noticed that the installation process ran through a position of elevated privileges.

Ferrente realised that any attacker can abuse the entire process by deleting and/or overwriting certain files during runtime. This shall help the attacker to gain certain extra privileges over the Windows system and in turn the user will be harassed. Donato demonstrated this using a system of symbolic links or symlinks, which, he believed could be used to abuse the system. The vulnerability, CVE-2020-16877 was under observation, and was finally patched by Microsoft in October 2020.

 

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -spot_img

Most Popular

Recent Comments

亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us