Windows Phone 8.1 Privilege Escalation Vulnerability

Windows Phone 8.1 Privilege Escalation Vulnerability

After Microsoft announced its 19-year-old Super vulnerability, developers found a vulnerability on Windows Phone 8.1, Microsoft's latest operating system, attackers can exploit this vulnerability to crack Nokia Lumia mobile phones.

Vulnerability details

A xda hacker named DJAmol (the official website of the XDA developer forum is the world-renowned mobile device developer community such as Andriod and WindowsPhone) found a serious vulnerability in the Windows Phone 8.1 system. This vulnerability allows attackers to run with other APP permissions.

The implementation of the vulnerability is very simple: DJAmol finds that replacing the content of a native oem app that has been moved to the SD card still retains the original permissions. Therefore, attackers can delete and create a directory identical to that of the native APP and use the permissions of the previous APP.

Test Method

The following figure shows how XDA developersBlogTo test the vulnerability:

 

1. Develop an application package and install it on the target device. 2. purchase and install applications such as Glance Background Beta in the Windows mobile app store; 3. Delete all files in the application directory. 4. copy and paste the content in the package you have deployed to the target directory. 5. Start the replaced APP.

From the above steps, we can see that the entire Hack process is very simple. You only need to install an application from the Windows app store. Fortunately, the transfer of applications to the SD card has access restrictions, so attackers cannot raise their permissions too high.

The XDA Developer Forum pointed out that if attackers use the first-party application rather than the third-party application, they can exploit this vulnerability to gain higher permissions, the consequences may be more serious than they are now.