High-Tech Bridge Security Research Lab has discovered a vulnerability in Microsoft Windows which could be exploited to escalate privileges under certain conditions.
The vulnerability exists due to the “IKE and AuthIP IPsec Keying Modules” system service, which tries to load the “wlbsctrl.dll” DLL that is missing after default Windows installation. Therefore an unprivileged local user who has write access to a default or any other search PATH locations can execute arbitrary code on the vulnerable system with the privileges of the SYSTEM account.
Read more
The vulnerability exists due to the “IKE and AuthIP IPsec Keying Modules” system service, which tries to load the “wlbsctrl.dll” DLL that is missing after default Windows installation. Therefore an unprivileged local user who has write access to a default or any other search PATH locations can execute arbitrary code on the vulnerable system with the privileges of the SYSTEM account.
Read more
