Downgrade attacks allow remotely targeting critical Windows OS components to reintroduce previously patched vulnerabilities.

LHN is a renowned programming languages weblog, offering insights into the theory, design, and implementation of programming languages. Through articles, research papers, and discussions, LHN provides insights into language features, language design principles, and emerging language paradigms. Developers and researchers can learn about functional programming, type systems, and compiler construction to deepen their understanding of programming language theory and practice.

Latest Hacking News

Researchers from SafeBreach have unveiled 'Downgrade attacks' at Black Hat 2024, exploiting two zero-day vulnerabilities to revert updated Windows systems to their vulnerable states. These attacks, involving privilege escalation flaws (CVE-2024-38202 and CVE-2024-21302), allow attackers to bypass security features and reintroduce previously patched vulnerabilities. The researchers demonstrated that these attacks could compromise OS components without physical access. Microsoft is currently working on mitigation strategies.

Researchers Demonstrate Windows Downgrade Attacks At Black Hat 2024