It is just a week that a 19 year old security vulnerability in every version of the Windows Operating System was disclose publicly and yet another critical vulnerability hit to the Microsoft door.
On the post of the popular forum XDA-developers a users named "DJAmol" have found the critical security loop holes in the latest version of the Microsoft mobile Operating system i.e Windows 8.1. Users claimed that this vulnerability can be easily exploited by the hackers to hack the Nokia Lumia device.
According to the DJAmol, the vulnerability allows the attackers to run their application with to the user's privileges and edit the registry file also. On explanation of the hack process users mentioned that by replacing the content files of the OEM trusted application which is transferred to the SDcard, by the attackers designed app content, attacker app inherit the privileges of the trusted OEM app.
After files gets replaced than attacker could then delete the existing directory and create a new directory with the same name as the original App. Additionally this also leads to the third party registry editor app will gain full access to the Info and Settings in the app itself.
On the post of the popular forum XDA-developers a users named "DJAmol" have found the critical security loop holes in the latest version of the Microsoft mobile Operating system i.e Windows 8.1. Users claimed that this vulnerability can be easily exploited by the hackers to hack the Nokia Lumia device.
According to the DJAmol, the vulnerability allows the attackers to run their application with to the user's privileges and edit the registry file also. On explanation of the hack process users mentioned that by replacing the content files of the OEM trusted application which is transferred to the SDcard, by the attackers designed app content, attacker app inherit the privileges of the trusted OEM app.
On the post DJAmol have discussed the process of the hack which is as follows -
- Develop your own application package and deploy application package on the target device.
- Downlaod and Install any app from the Windows phone app store. For eg.- “Glance Background Beta”.
- Now Delete or replace all the files and content from the directory of the installed app (Glance Background Beta) with the own developed app package files.
- Finally launch the App which will run in OEM (Glance Background beta) directory using the privileges of the targeted App .
As the hack is simple and easy so any one can perform that (from the above steps).
Note:- All the steps that is discussed above is from outer source, so causing damage or any loss to device, Cyber Kendra will not be responsible. Don't try to perform it if you don't know what you are doing.
Forum users had reported the issue to the Microsoft team and also warned them about the risk of the vulnerability. Till yet Microsoft had not replied to the users reports so we have to wait till Microsoft response.