USB Stick of Death: Not Really Low Severity

by kriggins on October 22, 2012

On October 21st, 2012, Mateusz “j00ru” Jurczyk published a blog post describing an exploit he developed which allows one to execute a privilege escalation attack on Windows 7. The attack results in one having SYSTEM-level permissions on the machine. SYSTEM is the highest level of permissions one can have, even higher than administrative permissions.

You can read the details about the exploit here. I suggest you do read it. It is very interesting.

In the post the following statement is made:

...requires the attacker to obtain physical access to the machine and have a local user in the system. Consequently, the only scenario in which it might be a problem security-wise is a local computer shared between multiple users with restricted privileges (e.g. schools, universities, hostels) and thus has been rated as low-severity by both us and MSRC,...

Let's see. Where else might there be situations where this might be of concern? How about any organization that restricts its users from having administrative privileges on their workstations?

Wait, you mean there are places that enforce least privilege on their users?

Yup.

I work for one. I also know of several government entities that also restrict administrative privileges for most users.

Color me crazy, but I'm pretty sure those organizations would not consider the ability to easily elevate privileges as a "low-severity" vulnerability.

Just sayin'.

What do you think?

-Kevin
