News Windows Downdate exposes updated OS to old vulnerabilities — vulnerability allows undetectable downgrade attacks to undo security patches

Status
Not open for further replies.
What is badly missing from the article:
- the links: CVE-2024-21302 and CVE-2024-38202
- what the attacker needs: "The vulnerability enables an attacker with administrator privileges on the target system to replace current Windows system files with outdated versions." and "For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability."
 
Status
Not open for further replies.