TrueCrypt may be a fond memory for most of its users, but that hasn’t stopped researchers and hackers from poking about the open source encryption software.

Recently, researchers from Google’s Project Zero team uncovered a pair of elevation of privilege vulnerabilities in TrueCrypt, both of which were patched this weekend in VeraCrypt, one of the remaining free disk encryption software packages for Windows available.

VeraCrypt is one of two projects that forked the last available TrueCrypt build, CipherShed being the other. Researcher James Forshaw has not yet made public any details about the flaws, but said on his Twitter feed that the vulnerabilities, though not added intentionally into the codebase, are the type that could have slipped past a code audit and review.

“Even though my #truecrypt bugs weren’t back doors it’s clear that it was possible to sneak them past an audit”

TrueCrypt last year famously shut down development of any new versions and updates after its mysterious and anonymous handlers pulled the plug on the project. This happened shortly after the Snowden revelations of 2013 kicked off a firestorm of concern over government backdoors in important software projects. TrueCrypt was audited by NCC Group Cryptography Services, and aside from a few code quality issues and security vulnerabilities, it was given a clean bill of health.

Both vulnerabilities were rated critical, but one of them, CVE-2015-7358, is more pressing than the other, said Mounir Idrassi, who runs VeraCrypt. A request to Google for additional comment was not returned in time for publication.

Idrassi said that an attacker could abuse the vulnerability, in which the TrueCrypt driver does not properly validate the drive letter symbolic link used for mounting volumes. An attacker can leverage a running process to get full administrative privileges.

“This is a critical issue since any process can call a driver, which means that any process can get full admin privileges,” Idrassi said. “This can be exploited by a malware to get full access to the machine just by running on the context of a normal user. It also can be exploited to attack servers if TrueCrypt is installed and even if no volumes are mounted: it is enough to compromise the account of a normal user on this server to get remote access and from there run the exploit to get administrative rights and do nasty things on the server.”

The second vulnerability, CVE-2015-7359, occurs because the TrueCrypt driver does not validate the security context of the calling user, Idrassi said. This allows an attacker to impersonate another user on the same machine and allow them to dismount a VeraCrypt volume or change how the software is configured.

“This is not as critical as the first one. The only possible attack is on a shared machine (for example a server) where a user can dismount volumes mounted by others and he can also list all mounted volumes and get their properties (file location, partition, algorithms used, size…),” Idrassi said. “This can be used as a preliminary step for a more targeted attack, and it can also be used as a disruptive attack by dismounting volumes used by the system through the compromise of a normal user account.”