Despite patches, Windows can still be downgraded to vulnerable versions


Microsoft made significant strides to strengthen its Windows kernel against compromise. Yet, hackers with administrator privileges can still replace the kernel itself, making the whole system vulnerable.

At Black Hat USA 2024, SafeBreach Labs researcher Alon Leviev demonstrated a Windows downgrade attack, dubbed Windows Downdate. This attack allows bad actors to take over the Windows Update process, downgrade critical components to vulnerable versions, and even bypass virtualization-based security (VBS) without physical access.

Multiple patches later, Windows Update takeover still remains a threat, and Leviev has demonstrated that once again. The researcher replaced critical OS components, elevated privileges, and stripped security features. Yet, despite being completely compromised, the system appeared “fully patched.”

ADVERTISEMENT

Microsoft has only patched a few previously discovered privilege escalation vulnerabilities affecting Secure Kernel. However, the method for the compromise – the takeover of Windows Update – remains viable.

“It did not cross a defined security boundary. Gaining kernel code execution as an Administrator is not considered as crossing a security boundary (not a vulnerability),” Leviev explains in the new report.

So, the researcher just used another vulnerability and fed it to a fully patched Windows system using the compromised Windows Update process. Leviev’s tool bypasses all the verification steps, including integrity verification and Trusted Installer enforcement. It requires administrator privileges.

“I was able to develop a tool to take over the Windows Update process to craft custom downgrades on critical OS components to expose previously fixed vulnerabilities,” the researcher said.

What new flaw was exploited?

Critical files on the system are supposed to be “locked” or immutable. Windows considers these files safe, as write access is blocked. But the researcher found a trick. The “immutable” files can still be altered when the system re-reads them from memory. During the reload, an attacker can swap the verified catalog for a fake one.

The exploit, labeled “ItsNotASecurityBoundary,” bypasses one of the main kernel’s security enhancements, the Driver Signature Enforcement (DSE) feature. This vulnerability, according to the researcher, belongs to a new class of flaws known as False File Immutability.

“An attacker can replace a verified catalog with a malicious version containing the authenticode for an unsigned kernel driver. Consequently, when the system parses the catalog, it recognizes the unsigned driver’s authenticode as valid, allowing the unsigned driver to be loaded,” Leviev writes.

ADVERTISEMENT

The researcher needed only to downgrade a single DLL file (ci.dll) to demonstrate that attackers could bypass DSE and deploy custom stealthy rootkits, hiding processes and network activity, and “much more.”

“The ability to downgrade components that reside in the kernel makes things much simpler for attackers, unfortunately,” Leviev warns. “Downgrade attacks offer more flexibility by allowing the downgrade of first-party components, including the OS kernel itself.”

Leviev also demonstrates that virtualization-based security (VBS) can be disabled on most systems.

By default, VBS isn’t locked in the UEFI, which is a modern firmware that starts up the OS. In such a case, VBS can be turned off by modifying a few registry keys. Even the UEFI Lock can be bypassed if the “Mandatory” flag isn’t set – an attacker could replace VBS’s files and prevent it from loading.

Only the “Mandatory” flag would cause boot failure.

“The “Mandatory” flag isn’t automatically set when the UEFI lock is enabled; it has to be set manually. Furthermore, it was only officially documented in September 2024, following my findings. Because of this, I expect that very few machines have this flag enabled,” Leviev explains.