Fri. Dec 6th, 2019

Researchers: Windows 10 Update Assistant has major vulnerabilities affecting tens of millions of users

2 min read

The Windows 10 Update Assistant, has recently been revealed by researchers to have significant security breaches affecting tens of millions of home and business users. Windows 10 Update Assistant is a native update management tool designed to help individual users keep up with OS updates as Microsoft publishes them. As an official tool and mainly used to upgrade the operating system, the Update Assistant has system-level permissions, which is the main reason for the high level of vulnerability.

Windows 10 Update Assistant vulnerability

After analyzing the software, the researchers found that a vulnerability exists in a component and can be used to raise rights. A hacker can use the vulnerability to create an account with the same privileges as the user. For example, when the logged-in user has administrator privileges, the hacker can also create a new administrator account, which can be used to install any backdoor program. These backdoors are then used to monitor users or remotely read arbitrary files, steal corporate confidential data and data, and even listen to user sessions. Therefore, this vulnerability is a big hazard for both home and enterprise users, but uninstalling the Update Assistant directly can solve this problem.

It is conservatively estimated that at least tens of millions of computers in the world are installed by Windows 10 Update Assistant. Fortunately, Microsoft confirmed that this vulnerability can only be triggered after local authentication. For example, an enterprise employee uses a general-privileged account, and an attacker can use the phishing method to implant malware into the employee, and then use the vulnerability to raise the authority to the administrator level. Therefore, the hazard of vulnerability is indeed relatively large, but the process of use is relatively complex. At least the attacker wants to launch a large-scale network attack.

After receiving the researcher’s report, Microsoft has fixed the vulnerability and released a new version. If the user has not disabled automatic update, the Windows 10 Update Assistant should have been upgraded. If the user finds the KB4023814 update in the system update, it is the Windows 10 Update Assistant. If you need to use it, it is best to allow this update to fix the vulnerability.

Direct uninstallation is very simple to resolve this vulnerability by using the following command:

C:\Windows10Upgrade\Windows10UpgraderApp.exe /ForceUninstall

Via: Forbes