Ethical Hacking: Research into OS vulnerabilities and Vulnerabilities Test Rational
Added on 2023-04-25
14 Pages2305 Words257 Views
Running head: ETHICAL HACKING
Ethical Hacking
Name of the Student
Name of the University
Author Note:
Ethical Hacking
Name of the Student
Name of the University
Author Note:
1ETHICAL HACKING
Table of Contents
Introduction..........................................................................................................................3
Research into OS vulnerabilities.........................................................................................3
Vulnerabilities Test Rational...............................................................................................5
Methodology........................................................................................................................6
Detail Finding......................................................................................................................7
Conclusion.........................................................................................................................10
Recommendation...............................................................................................................10
References..........................................................................................................................12
Table of Contents
Introduction..........................................................................................................................3
Research into OS vulnerabilities.........................................................................................3
Vulnerabilities Test Rational...............................................................................................5
Methodology........................................................................................................................6
Detail Finding......................................................................................................................7
Conclusion.........................................................................................................................10
Recommendation...............................................................................................................10
References..........................................................................................................................12
2ETHICAL HACKING
Introduction
Vulnerability testing also known as Vulnerability Assessment is a kind of software
testing for evaluating any kind of security risk in the operating system. The test is carried out to
reduce any kind of threat in the operating system (Nourian and Madnick 2018). Vulnerability is
any kind of mistake in the procedure of operating system which is in the design and
implementation phase. Any kind of internal control may result in violation of the policy of
system security. There are some possibilities for hackers to easily get unauthorized access
(Waltermire and Harrington 2015). Vulnerability analysis mainly depends on two kinds of
mechanism that is penetration testing and vulnerability assessment.
The coming pages of the report is all about research in OS (Operating System)
vulnerabilities. After that, a list of vulnerability test has been provided along with justification of
conducted test. A list of methods has been discussed how the penetration test is conducted. For
the analyzed vulnerability, a list of parameters has been discussed in details like source, impact,
likelihood, and risk assessment. The last section of the report is all about a list of
recommendation by which the found vulnerabilities can be overcome.
Research into OS vulnerabilities
There are top five vulnerabilities in Windows Operating System like
Win32K evaluation of Privilege Vulnerability
Windows 10 Wi-Fi Sense Contract sharing.
Microsoft Font Driver Vulnerability
Vulnerabilities in Internet Explorer.
Vulnerabilities in Microsoft Edge.
Introduction
Vulnerability testing also known as Vulnerability Assessment is a kind of software
testing for evaluating any kind of security risk in the operating system. The test is carried out to
reduce any kind of threat in the operating system (Nourian and Madnick 2018). Vulnerability is
any kind of mistake in the procedure of operating system which is in the design and
implementation phase. Any kind of internal control may result in violation of the policy of
system security. There are some possibilities for hackers to easily get unauthorized access
(Waltermire and Harrington 2015). Vulnerability analysis mainly depends on two kinds of
mechanism that is penetration testing and vulnerability assessment.
The coming pages of the report is all about research in OS (Operating System)
vulnerabilities. After that, a list of vulnerability test has been provided along with justification of
conducted test. A list of methods has been discussed how the penetration test is conducted. For
the analyzed vulnerability, a list of parameters has been discussed in details like source, impact,
likelihood, and risk assessment. The last section of the report is all about a list of
recommendation by which the found vulnerabilities can be overcome.
Research into OS vulnerabilities
There are top five vulnerabilities in Windows Operating System like
Win32K evaluation of Privilege Vulnerability
Windows 10 Wi-Fi Sense Contract sharing.
Microsoft Font Driver Vulnerability
Vulnerabilities in Internet Explorer.
Vulnerabilities in Microsoft Edge.
3ETHICAL HACKING
Vulnerability in Win32k elevation: It is one of the common flaws in the window 10
component which is known as scrollbar element (DiMase et al. 2015). Through this
vulnerability, hacker can easily gain control on windows machine through any escalation mode.
Microsoft has come up with release patch for overcoming flaw.
Windows 10 Wi-Fi contact sharing: Windows 10 has been designed in such a way that
it will share the Wi-Fi credential to majority of the contacts (Morrison et al. 2015). It will
ultimately make both Wi-Fi and hotspot sharing much easier. So this sharing makes the
vulnerability in the contact without any authorization from user.
Vulnerability in Microsoft Font Driver: Another kind of Manager which is seen in
Windows is that they are unable to handle any kind of OpenType fonts. It will ultimately result
in remote code execution and its vulnerability (Younis, Malaiya and Ray 2016). So, this gives
the hacker a room to easily access to the system and programs that are installed. At present,
Microsoft has come up with patch for this flaw but it cannot be manually downloaded and
installed.
Vulnerability of Internet Explorer: Microsoft browser also aims to share its
vulnerabilities that come up windows 10 (Schwarz et al. 2017). The biggest flaw in this
operating system is that hacker can easily gain access to system by the help of browser. All the
required details of patch are available on security bulletin page.
Vulnerabilities in Microsoft Edge: Microsoft Edge is considered to be an unsecured
browser (Singhal and Ou 2017). There are some available codes of execution and bypass of
security exploit that allows the hacker to easily gain access to the system. The patch is available
under the security bulletin page.
Vulnerability in Win32k elevation: It is one of the common flaws in the window 10
component which is known as scrollbar element (DiMase et al. 2015). Through this
vulnerability, hacker can easily gain control on windows machine through any escalation mode.
Microsoft has come up with release patch for overcoming flaw.
Windows 10 Wi-Fi contact sharing: Windows 10 has been designed in such a way that
it will share the Wi-Fi credential to majority of the contacts (Morrison et al. 2015). It will
ultimately make both Wi-Fi and hotspot sharing much easier. So this sharing makes the
vulnerability in the contact without any authorization from user.
Vulnerability in Microsoft Font Driver: Another kind of Manager which is seen in
Windows is that they are unable to handle any kind of OpenType fonts. It will ultimately result
in remote code execution and its vulnerability (Younis, Malaiya and Ray 2016). So, this gives
the hacker a room to easily access to the system and programs that are installed. At present,
Microsoft has come up with patch for this flaw but it cannot be manually downloaded and
installed.
Vulnerability of Internet Explorer: Microsoft browser also aims to share its
vulnerabilities that come up windows 10 (Schwarz et al. 2017). The biggest flaw in this
operating system is that hacker can easily gain access to system by the help of browser. All the
required details of patch are available on security bulletin page.
Vulnerabilities in Microsoft Edge: Microsoft Edge is considered to be an unsecured
browser (Singhal and Ou 2017). There are some available codes of execution and bypass of
security exploit that allows the hacker to easily gain access to the system. The patch is available
under the security bulletin page.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Vulnerability Test for Windows 10lg...
|14
|1689
|285
CRYPTOGRAPHY AND SECURITY VULNERABILITIES OF SYSTEMSlg...
|12
|794
|21
Ethical Hacking: OS Vulnerabilities and Penetration Testinglg...
|12
|2002
|39
Network Vulnerability And Cyber Securitylg...
|15
|1453
|15