Google’s security pro posted the details of the vulnerability back in May through the Full Disclosure mailing list rather than reporting it to Microsoft first, and has now gone ahead and published a working exploit. This is not the first instance where Ormandy has opted for full disclosure without first informing the vendor of the affected software.
Ormandy discovered a bug in the Windows kernel’s EPATHOBJ::pprFlattenRec function, and in his full disclosure back in May he wrote, “As vuln-dev is dead, I thought I’d post here, I don’t have much free time to work on silly Microsoft code, so I’m looking for ideas on how to fix the final obstacle for exploitation.”
In the latest post the security expert noted that he managed to develop a privilege escalation exploit while working with progmboy. He also noted that another working exploit may already be circulating in the wild.
The latest vulnerability disclosure should surely put Microsoft on its toes and force it to release a patch as early as possible, since a working exploit has been made available along with the vulnerability. Hackers may already have started working on including the exploit in their hacking toolkits. Using the latest vulnerability, they may be able to build code that disables antivirus software without invoking the UAC prompt, after which they may even be able to install a rootkit on the system.