Google researcher discover privilege elevation bug in Windows 8.1, 32/64 bit versions.
A Google researcher named Forshaw has discovered a privilege escalation bug in Windows 8.1.
The vulnerability is identified in the function ahcache.sys/AhcVerifyAdminContext.
This is checked in the function AhcVerifyAdminContext.
It is just then a case of finding a way to exploit the vulnerability.
No effort has been made to verify it on Windows 7.
The PoC has been tested on Windows 8.1 update, both 32 bit and 64 bit versions.
Id recommend running on 32 bit just to be sure.
This bug is subject to a 90 day disclosure deadline.
If 90 days elapsewithout a broadly available patch, then the bug report will automaticallybecome visible to the public.
The Thread and PoC can be accessedhere.
source: www.techworm.net
