Games in Microsoft Store Can Be Abused for Privilege Escalation on Windows
A new flaw in Windows can allow malicious actors to exploit the vulnerability to escalate privileges to SYSTEM on Windows 10 through utilizing access through the Microsoft Store. Researchers at IOActive uncovered the threat, which was patched in October as part of Microsoft’s monthly Patch Tuesday. The flaw is known as CVE-2020-16877 and is ranked as high severity.
Researchers discovered the vulnerability after investigating Microsoft’s allowance of modifications for some games available in the Microsoft store. The researcher downloaded a game with mods and analyzed the installation process, finding that an attacker could abuse the process by overwriting or deleting arbitrary files on the system. This would be easily achievable through creating symlinks (shortcut files) to modify or delete files and lead to an escalation of privileges.