#DowngradeAttacks

More Details Shared on Windows Downgrade Attacks After Microsoft Rolls Out Mitigations

by

October 28, 2024 at 08:52AM Microsoft has implemented mitigations for recently identified downgrade attacks affecting the Windows Update process, addressing security vulnerabilities. The company shared more details regarding these attacks following the rollout of these protective measures. **Meeting Takeaways:** 1. **Subject Matter**: Microsoft has addressed security concerns related to recently disclosed downgrade attacks. 2. **Focus**: … Read more

Windows Downdate tool lets you ‘unpatch’ Windows systems

by

August 27, 2024 at 01:22PM SafeBreach security researcher Alon Leviev has developed the Windows Downdate tool to enable downgrade attacks on current Windows 10, Windows 11, and Windows Server systems, reintroducing old vulnerabilities. Based on the meeting notes, it appears that SafeBreach security researcher Alon Leviev has released a tool called Windows Downdate. This tool … Read more

Windows Update downgrade attack “unpatches” fully-updated systems

by

August 7, 2024 at 04:31PM SafeBreach security researcher Alon Leviev disclosed at Black Hat 2024 two unpatched zero-days that can be exploited in downgrade attacks on up-to-date Windows 10, 11, and Windows Server systems. Microsoft issued advisories for CVE-2024-38202 and CVE-2024-21302, providing mitigation guidance. The vulnerabilities allow for system compromise, making fully patched systems susceptible … Read more