Zero-day vulnerability found in the Dropbox Windows 10 application, users take note!


A group of freelance security researchers recently reported a zero-day vulnerability in the Windows version of Dropbox that could allow an attacker to obtain SYSTEM privileges with very little effort.

Specifically, two freelance security researchers using the nicknames Chris Danieli and Decoder first discovered this vulnerability in early September and notified Dropbox of it on September 18. At that point, Dropbox committed to providing a fix within 90 days. However, more than three months have passed and Dropbox has still not released a security patch for the vulnerability, so Chris Danieli and Decoder decided to make a public announcement to warn users.


 
The vulnerability exists in the Dropbox Windows application and is an arbitrary file overwrite issue that could allow an attacker who already has local user access to escalate privileges and execute code as SYSTEM. According to the researchers, the problem most likely stems from the DropboxUpdater service.

DropboxUpdater is installed as part of the Dropbox client software, and the researchers say it runs as SYSTEM in a standard installation, as does "one of the dropboxupdate tasks that is run hourly by the task scheduler". Every time it runs, it writes a log file using the SYSTEM account's permissions, and this is the point that lets an attacker "take action". Indeed, the researchers successfully overwrote files controlled by the SYSTEM account and obtained a command-line shell running with those SYSTEM privileges.
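As an added defender's check that is not part of the original article or of Dropbox's own tooling, the PowerShell script below looks for the pattern the researchers describe: a scheduled updater task running as SYSTEM whose log directory is also writable by ordinary users. The task-name pattern and the log directory parameter are assumptions; the article does not give the actual log path, so pass the directory the updater writes to on your system.

```powershell
# Added example (not from the article or from Dropbox): audit whether a SYSTEM-level
# updater task writes its log into a directory that low-privileged users can also write to.
param(
    [string]$TaskNamePattern = 'dropboxupdate',   # assumed; matches the hourly tasks named in the article
    [Parameter(Mandatory)][string]$LogDirectory   # assumed; the folder the updater logs into
)

# 1. List scheduled tasks matching the pattern and report the account they run as.
$tasks = Get-ScheduledTask | Where-Object { $_.TaskName -match $TaskNamePattern }
if (-not $tasks) { Write-Output "No scheduled task matching '$TaskNamePattern' found." }
foreach ($t in $tasks) {
    $info = Get-ScheduledTaskInfo -TaskName $t.TaskName -TaskPath $t.TaskPath
    [pscustomobject]@{
        Task    = "$($t.TaskPath)$($t.TaskName)"
        RunsAs  = $t.Principal.UserId      # 'SYSTEM' here is what makes the log location sensitive
        State   = $t.State
        LastRun = $info.LastRunTime
    }
}

# 2. Flag ACEs on the log directory that grant any write-class right to broad groups.
#    A SYSTEM process writing into such a directory is the risk the article describes.
$broadGroups = 'BUILTIN\Users', 'Everyone', 'NT AUTHORITY\Authenticated Users', 'NT AUTHORITY\INTERACTIVE'
$fsr = [System.Security.AccessControl.FileSystemRights]
$writeMask = $fsr::Write -bor $fsr::Modify -bor $fsr::FullControl -bor $fsr::CreateFiles -bor $fsr::AppendData

$acl = Get-Acl -Path $LogDirectory
$risky = $acl.Access | Where-Object {
    $_.AccessControlType -eq 'Allow' -and
    ($broadGroups -contains $_.IdentityReference.Value) -and
    (($_.FileSystemRights -band $writeMask) -ne 0)
}

if ($risky) {
    Write-Warning "Low-privileged principals can write to $LogDirectory (review or tighten these ACEs):"
    $risky | Select-Object IdentityReference, FileSystemRights, IsInherited | Format-Table -AutoSize
} else {
    Write-Output "No broad write access found on $LogDirectory."
}
```

Run it from an elevated prompt so Get-Acl and Get-ScheduledTask can read every task and ACE; any warning it prints is a configuration to fix (or to confirm the vendor patch addresses), not proof of compromise.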


Fortunately, this vulnerability is not easy to exploit. First and foremost, the attacker must already have local user access to the target computer, which significantly narrows the pool of potential attackers. However, that does not mean users can afford to be complacent. The Dropbox app must have been installed in the standard way, with admin privileges, but since most people keep the default installation, the risk still exists.

As reported by the experts at Bleeping Computer, a "micro-patch" currently available from 0patch can temporarily fix this issue (by cutting the logging code out of DropboxUpdater) until an official fix from Dropbox is rolled out.

A spokesperson for Dropbox said: "We've become aware of this issue through our bug bounty program and will be rolling out a fix in the coming weeks. This vulnerability can only be exploited in limited circumstances, and we have not received any reports of it affecting our users."
