343
Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability
(www.theregister.com)
this post was submitted on 12 Mar 2024
343 points (98.0% liked)
Technology
59201 readers
3114 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Doesn’t having admin privileges mean you can load any driver into the kernel anyway, including blatantly malicious drivers?
I'm not sure that's necessarily true with enforcement of driver signing.
The latest OS kernels typically make some effort to resist arbitrary code injection even by the system administrator and sometimes goes even further against an attacker with a read/write primitive on the kernel. Linux with secure boot will refuse to load unsigned kernel modules for example.
Why’s that? I thought admin could override that
It is part of the SSSCA / CBDTPA / "Trusted" computing initiative. The large corporations want to control what you are allowed to do with your computer. This is where the phrase "digital rights management" comes from.