{"id":1397,"date":"2013-03-14T13:25:32","date_gmt":"2013-03-14T17:25:32","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=1397"},"modified":"2013-03-14T13:25:32","modified_gmt":"2013-03-14T17:25:32","slug":"critical-windows-usb-exploit-allows-flash-drives-to-grant-root-access-patch-issued","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2013\/03\/14\/critical-windows-usb-exploit-allows-flash-drives-to-grant-root-access-patch-issued\/","title":{"rendered":"Critical Windows USB exploit allows flash drives to grant root access, patch issued"},"content":{"rendered":"

\"\"<\/a><\/p>\n

Microsoft’s Patch Tuesday yielded an interesting security fix for a glaring vulnerability in how the Windows kernel handles USB device enumeration. The critical vulnerability allowed potential hackers with physical access to a Windows PC to run arbitrary code with system user privileges — even while Windows was locked and users logged off.
\nWould-be hackers could exploit the security hole by merely inserting a specially-formatted USB flash drive with a custom device descriptor. During device detection, the Windows kernel would parse this information and execute malicious code found on such a USB drive, irrespective of autorun or AutoPlay settings. The code would run with elevated system privileges.
\nMicrosoft’s researchers admit this attack may indicate other, similar “avenues of exploitation” — but perhaps where physical access to the host system is not required.
\nThe vulnerability (MS13-027) is found across all versions of Windows ranging from Windows 8 to as far back as Windows XP SP2, including Windows Server variants.
\nBecause the hack requires no user interaction and exploits how Windows kernel-mode drivers handles memory-resident objects, the security snafu could be exploited even without a logged on user or while a Windows system is locked.
\nHaving physical access to a computer can make rooting a standard Windows box relatively straightforward; however, exploits which require only brief casual access can be dangerous, particularly in office and educational settings — a user’s privacy and security can be compromised in a matter of seconds.
\nMicrosoft addressed this security issue in yesterday’s round of updates. Windows Update is the simplest way to install the patch, but it can also be downloaded and install manually.
\nvia Critical Windows USB exploit allows flash drives to grant root access, patch issued – TechSpot<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Microsoft’s Patch Tuesday yielded an interesting security fix for a glaring vulnerability in how the Windows kernel handles USB device […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[3,5,7,9,11],"tags":[341,450,1138],"class_list":["post-1397","post","type-post","status-publish","format-standard","hentry","category-hardware","category-microsoft","category-security","category-software","category-windows","tag-exploit","tag-hack","tag-usb"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-mx","jetpack-related-posts":[{"id":9405,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/10\/07\/odorless-and-weightless-hackers-this-week-in-tech-687\/","url_meta":{"origin":1397,"position":0},"title":"Odorless and Weightless Hackers – This Week in Tech 687","author":"NCCT","date":"October 7, 2018","format":false,"excerpt":"https:\/\/youtu.be\/lb4rnqfNdas Chinese Spy Chips, Microsoft Highs and Lows, Pixel 3 Event Predictions, and More! Bloomberg reports that China used tiny chips to spy on Apple, Amazon, and the US government. Apple and Amazon deny it. How do we know who is right? All the news from the Microsoft Surface event,\u2026","rel":"","context":"In "Apple"","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/lb4rnqfNdas\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9806,"url":"https:\/\/nccomputertech.com\/techtalk\/2024\/11\/08\/ai-vulnerability-discovery-rts-ai-tv-hosts-windows-10-updates\/","url_meta":{"origin":1397,"position":1},"title":"AI Vulnerability Discovery – RT’s AI TV Hosts, Windows 10 Updates","author":"NCCT","date":"November 8, 2024","format":false,"excerpt":"https:\/\/youtu.be\/g7ZsibpgoWQ","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/g7ZsibpgoWQ\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9655,"url":"https:\/\/nccomputertech.com\/techtalk\/2021\/03\/09\/fuquay-varina-and-holly-springs-computer-repair\/","url_meta":{"origin":1397,"position":2},"title":"Fuquay Varina and Holly Springs Computer Repair","author":"NCCT","date":"March 9, 2021","format":false,"excerpt":"Welcome to our blog. NC Computer Tech services Fuquay Varina, Holly Springs, and surrounding NC areas. We offer prompt, professional, courteous service with over twenty years of experience dealing with residential and small business clients offering them solutions and fixing their computer and network issues at reasonable rates. Our services\u2026","rel":"","context":"In "Technology"","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9330,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/04\/03\/security-now-657-protonmail\/","url_meta":{"origin":1397,"position":3},"title":"Security Now 657: ProtonMail","author":"NCCT","date":"April 3, 2018","format":false,"excerpt":"https:\/\/youtu.be\/OeSZg-ph3Ns This week we discuss \"DrupalGeddon2\", Cloudflare's new DNS offering, a reminder about GRC's DNS Benchmark, Microsoft's Meltdown meltdown, the persistent iOS QR Code flaw and its long-awaited v11.3 update, another VPN user IP leak, more bug bounty news, an ill-fated-seeming new eMail initiative, Free electricity, a policy change at\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/OeSZg-ph3Ns\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9902,"url":"https:\/\/nccomputertech.com\/techtalk\/2025\/02\/11\/tpm-2-0-is-not-required-for-windows-11\/","url_meta":{"origin":1397,"position":4},"title":"TPM 2.0 Is Not Required for Windows 11","author":"NCCT","date":"February 11, 2025","format":false,"excerpt":"https:\/\/youtu.be\/yjjCbOOpREg On Security Now, Steve Gibson talks about Microsofrt dropping the TPM 2.0 requirement from Windows 11.","rel":"","context":"In "Microsoft"","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/yjjCbOOpREg\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9884,"url":"https:\/\/nccomputertech.com\/techtalk\/2024\/12\/08\/how-emergency-vehicle-lights-can-trigger-digital-epileptic-seizures-in-self-driving-cars\/","url_meta":{"origin":1397,"position":5},"title":"How Emergency Vehicle Lights Can Trigger Digital Epileptic Seizures in Self-Driving Cars","author":"NCCT","date":"December 8, 2024","format":false,"excerpt":"https:\/\/youtu.be\/GVJSZAcXPqU In this segment from Security Now episode 1003, Steve Gibson and Leo Laporte explore the fascinating research revealing how emergency vehicle lights can induce \"digital epileptic seizures\" in self-driving cars, potentially leading to accidents. Watch the full episode for more on Microsoft's AI training practices, the Tor network's call\u2026","rel":"","context":"In "Technology"","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/GVJSZAcXPqU\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1397","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=1397"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1397\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=1397"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=1397"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=1397"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}