03
Hacking Group PLATINUM Used Microsoft Patches for Windows to Siphon Information
Hotpatching susceptibility hasn’t been reported despite being disclosed an a decade past of being used in wild as of now. This is the first time any company has recognized the exploit used in the wild. Microsoft site said that the Windows Server 2003’s own upgrade system was used by PLATINUM against it, it avoided security scanners that were common.
Support was introduced by Windows Server 2003 Service Pack 1 for popular patching specific core system services. Microsoft released ten distinct upgrades for the operating system that used this ability. When the upgrades were installed a special manner (it was’t the default option), the upgrade would patch the working system to fit the new, upgraded code into a server without creating the need to reboot the server. Specific versions of Windows contain the ability to load a patch DLL and use this DLL to change working applications to support this hotpatching. Both routine applications and the kernel can be patched this way.
There are no comments.