While working on the Windows security tool, a security researcher accidentally discovered a zero-day vulnerability affecting the Windows 7 and Windows Server 2008 R2 operating systems.

Zero-day vulnerability discovered in Windows 7 system

The revealed vulnerability appears to be related to the RPC Endpoint Mapper and DNSCache service, which are part of Windows systems. At the root of the vulnerability are two incorrectly configured registry keys.

Keys:

– HKLM \ SYSTEM \ CurrentControlSet \ Services \ RpcEptMapper

– HKLM \ SYSTEM \ CurrentControlSet \ Services \ Dnscache

French security researcher Clement Labro modifies the above registry keys to enable any intruder a subkey that is usually used by the Windows Performance Monitoring mechanism.

In the latest build version of Windows 10, these DLL files are restricted and limited privileges are assigned. However, on Windows 7 and Windows Server 2008 R2 systems, it is still possible to install DLL files that run with full authority at the system level.

Microsoft has not yet released a patch on the new zero-day vulnerability uncovered.



