Windows Event Log Vulnerabilities Could Be Used to Disable Security Products


Remote attackers could exploit two Event Log vulnerabilities in Windows to crash the Event Log application and cause a denial-of-service (DoS) condition, Varonis warns.

Due to the close integration of the browser with the operating system, Event Log is an Internet Explorer-specific application that is present in every version of Windows. Even after Microsoft stops supporting Internet Explorer in June 2022, two security flaws persist in all Windows versions up to Windows 10 due to the particular set of permissions that Event Log has.

The first of the exploits, dubbed LogCrusher, gave a domain user the ability to remotely crash the Event Log on any Windows machine connected to the domain.

Read More: Windows Event Log Vulnerabilities Could Be Exploited to Blind Security Products

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.