A zero-day vulnerability in Dropbox for Windows allows attackers to escalate privileges from simple windows users privilege to the reserved SYSTEM privilege. The vulnerability resides in the DropBoxUpdater service , which is responsible for keeping the client application up to date. Dropbox Updater Vulnerability The vulnerability was discovered by security researcher Decoder and Chris Danieli and they have created a PoC to test the vulnerability. The DropBoxUpdater is the component of the Dropbox Client Software suite, the updater installed as a service and keeps 2 scheduled tasks running with SYSTEM permissions. Dropboxupdate writes the log files in the directory “c:\ProgramData\Dropbox\Update\Log”, any users can access the directories or to add, delete the files. Another notable thing is that SetSecurity call made through SYSTEM privileges on the files, this allows an attacker to exploit via hardlink . “But we have a problem h...
The Hacks001 blog is the most popular, independent and trusted source for the latest news headlines on cybersecurity, hacking, computer security, cybercrime, privacy, vulnerabilities and technology for all businesses, information security professionals and hackers worldwide.