In the recent past, Microsoft had announced that it has begun allowing mods on certain games available on its store. Mods simply means that a user can modify certain files or parts of the game to customize the look and the feel of the game. A researcher at IOActive, a Cybersecurity service provider, felt that this might lead to the exploitation of vulnerabilities, if any, on the Microsoft store which could affect millions of Windows users.
The researcher, Donato Ferrente, who is also a security consultant at IOActive, downloaded and analyzed the entire installation process of a game which was supposed to have mods. He discovered a vulnerability, which was then named as CVE-2020-16877, which could be used by attackers to gain extra privileges over the Windows system. Ferrente noticed that the installation process ran through a position of elevated privileges.
Ferrente realised that any attacker can abuse the entire process by deleting and/or overwriting certain files during runtime. This shall help the attacker to gain certain extra privileges over the Windows system and in turn the user will be harassed. Donato demonstrated this using a system of symbolic links or symlinks, which, he believed could be used to abuse the system. The vulnerability, CVE-2020-16877 was under observation, and was finally patched by Microsoft in October 2020.
