Windows Update may occasionally backfire with faulty patches, but for the most part, it’s meant to keep us secure from the latest threats. Microsoft regularly pushes new patches that address potential vulnerabilities. But what if there were a tool that could undo every Windows Update and leave your PC exposed to all the threats Microsoft thought it had already fixed? Bad news: Such a tool now exists, and it’s called Windows Downdate.
Don’t worry, though. You’re safe from Windows Downdate, at least for now. The tool was developed as a proof-of-concept by SafeBreach researcher Alon Leviev, and although its potential is nothing short of terrifying, it was made in good faith as an example of something called “white-hat hacking,” where researchers try to find vulnerabilities before malicious threat actors can do it first.
In the case of Windows Downdate, if this fell into the wrong hands, the impact could be staggering. The exploit relies on a flaw in Windows Update to install older updates where certain vulnerabilities haven’t been patched yet. Leviev used the tool to downgrade dynamic link libraries (DLLs), drivers, and even the NT kernel, which is a core component in Windows. This is achieved while bypassing all verification, and the result is entirely invisible and irreversible.
“I was able to make a fully patched Windows machine susceptible to thousands of past vulnerabilities, turning fixed vulnerabilities into zero-days and making the term ‘fully patched’ meaningless on any Windows machine in the world,” said Leviev in a SafeBreach post. “After these downgrades, the OS reported that it was fully updated and was unable to install future updates, while recovery and scanning tools were unable to detect issues.”
Leviev also noted that the entire virtualization stack in Windows was susceptible to this exploit; the researcher managed to downgrade Credential Guard’s Isolated User Mode Process, Hyper-V’s hypervisor, and Secure Kernel. Leviev even found “multiple ways” to turn off virtualization-based security (VBS) in Windows, and this was still possible even when UEFI locks were enforced.
“To my knowledge, this is the first time VBS’s UEFI locks have been bypassed without physical access,” Leviev said.
Windows Downdate can essentially undo every security patch ever created, then trick the PC into thinking everything is fine as it stealthily exposes it to hundreds of different threats. A tool such as this could wreak some serious havoc on any OS, and Leviev suspects that other operating systems, such as MacOS and Linux, might be at risk as well.
The good news is that Leviev intended to protect Windows users from a tool such as this, and the researcher reported his findings to Microsoft in February 2024. Microsoft released two CVEs in response (CVE-2024-21302 and CVE-2024-38202) and seems to be hard at work fixing this vulnerability. Let’s hope that Microsoft is quicker to patch this exploit than non-ethical hackers are to use it to their own advantage.