A newly uncovered attack method now enables threat actors to circumvent Microsoft’s Driver Signature Enforcement (DSE) on Windows systems, even those with the latest updates, opening the door for downgrades of the operating system (OS).
“This vulnerability allows attackers to load unsigned kernel drivers, empowering them to deploy custom rootkits that can disable security protocols, obscure processes and network traffic, maintain stealth, and more,” explained Alon Leviev, a researcher at SafeBreach, in a report shared with The Hacker News.
These findings build on prior analyses, revealing two privilege escalation vulnerabilities in Windows updates (CVE-2024-21302 and CVE-2024-38202) that could be weaponized to revert a fully updated Windows system back to a previous version, riddled with unpatched security flaws.
The exploit manifests as a tool named Windows Downdate, which, according to Leviev, enables the manipulation of the Windows Update process, achieving undetectable, enduring, and irreversible downgrades of critical OS components.
Such an exploit offers attackers an effective alternative to traditional Bring Your Own Vulnerable Driver (BYOVD) attacks, allowing them to downgrade core modules, including the OS kernel itself.
Microsoft responded by addressing CVE-2024-21302 and CVE-2024-38202 in its Patch Tuesday updates on August 13 and October 8, 2024, respectively.
Leviev’s latest method takes advantage of the Windows Downdate tool to downgrade the “ItsNotASecurityBoundary” DSE bypass patch on a fully updated Windows 11 system.
The bypass, originally documented by Gabriel Landau of Elastic Security Labs in July 2024, was part of a new class of vulnerabilities named False File Immutability, along with another vulnerability termed PPLFault. Microsoft patched it in May.
In essence, this technique leverages a race condition to replace a legitimate security catalog file with a maliciously crafted version containing an Authenticode signature for an unsigned kernel driver, subsequently instructing the kernel to load it.
Microsoft’s code integrity mechanism, powered by the kernel library ci.dll, then parses the fake security catalog, validates the rogue signature, and loads the driver, ultimately providing the attacker with kernel-level code execution privileges.
The attack revives the DSE bypass by downgrading the ci.dll library to an older build (version 10.0.22621.1376), effectively negating Microsoft’s previous patch.
However, one defense measure could thwart this bypass: Virtualization-Based Security (VBS). If VBS is active on the target system, the Secure Kernel Code Integrity DLL (skci.dll) takes over catalog validation instead of ci.dll.
Nevertheless, in many default configurations, VBS runs without a Unified Extensible Firmware Interface (UEFI) lock, allowing attackers to disable it by altering the EnableVirtualizationBasedSecurity and RequirePlatformSecurityFeatures registry keys.
Even when UEFI lock is active, an attacker could potentially disable VBS by replacing a critical file with an invalid one. To exploit this, attackers would follow these steps:
- Disable VBS through the Windows Registry or tamper with SecureKernel.exe
- Downgrade ci.dll to the unpatched version
- Restart the system
- Utilize the ItsNotASecurityBoundary DSE bypass to execute code within the kernel
The only scenario in which this technique is ineffective is when VBS is enabled with both a UEFI lock and a “Mandatory” flag. If VBS files are tampered with in this mode, the OS will refuse to boot. According to Microsoft, the Mandatory setting halts the boot sequence if any critical virtualization components, such as the Hypervisor or Secure Kernel, fail to load.
For comprehensive protection against this vulnerability, systems must have VBS enabled with both UEFI lock and the Mandatory flag set. In any other configuration, attackers can disable VBS, perform the DSE bypass, and proceed with their kernel-level exploit.
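The following PowerShell audit script is an added defender-side example, not code from SafeBreach or the article: it reports whether a host is in the one configuration described above as fully protected (VBS running with UEFI lock and the Mandatory flag) and whether the installed ci.dll sits at or below the build the downgrade targets. It assumes the documented DeviceGuard registry value names `Locked` (UEFI lock) and `Mandatory`, the `Win32_DeviceGuard` WMI class, and that ci.dll builds on the 22621 branch above 10.0.22621.1376 carry the fix.

```powershell
# Added audit script (not from the article or SafeBreach). Read-only; run in an elevated shell.
$VulnerableCi = [version]'10.0.22621.1376'   # ci.dll build the downgrade rolls back to (from the article)
$DgKey        = 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard'

function Get-DgValue([string]$Name) {
    # Returns the DWORD under the DeviceGuard key, or $null if the value is absent
    (Get-ItemProperty -Path $DgKey -Name $Name -ErrorAction SilentlyContinue).$Name
}

# 1. Runtime VBS state from the Device Guard WMI class (VirtualizationBasedSecurityStatus 2 = running)
$dg          = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard
$vbsRunning  = ($dg.VirtualizationBasedSecurityStatus -eq 2)
$hvciRunning = ($dg.SecurityServicesRunning -contains 2)   # 2 = hypervisor-enforced code integrity

# 2. Policy values an attacker would have to flip or that block the flip
$enableVbs  = Get-DgValue 'EnableVirtualizationBasedSecurity'   # named in the article
$requirePsf = Get-DgValue 'RequirePlatformSecurityFeatures'     # named in the article
$uefiLocked = (Get-DgValue 'Locked')    -eq 1   # UEFI lock (assumed value name from Microsoft docs)
$mandatory  = (Get-DgValue 'Mandatory') -eq 1   # "Mandatory" flag (assumed value name from Microsoft docs)

# 3. Installed ci.dll version, built from the numeric parts to skip the "(WinBuild...)" suffix
$ci        = (Get-Item "$env:SystemRoot\System32\ci.dll").VersionInfo
$ciVersion = [version]::new($ci.FileMajorPart, $ci.FileMinorPart, $ci.FileBuildPart, $ci.FilePrivatePart)
# Only compare within the same build branch; other branches use unrelated revision numbers
$ciAtOrBelow = ($ciVersion.Build -eq $VulnerableCi.Build) -and ($ciVersion -le $VulnerableCi)

$fullyProtected = $vbsRunning -and $uefiLocked -and $mandatory

[pscustomobject]@{
    VbsRunning                      = $vbsRunning
    HvciRunning                     = $hvciRunning
    EnableVirtualizationBasedSecurity = $enableVbs
    RequirePlatformSecurityFeatures = $requirePsf
    UefiLocked                      = $uefiLocked
    Mandatory                       = $mandatory
    CiDllVersion                    = $ciVersion.ToString()
    CiDllAtOrBelowDowngradeTarget   = $ciAtOrBelow
    FullyProtected                  = $fullyProtected
} | Format-List

if (-not $fullyProtected) {
    Write-Warning 'VBS is not running with UEFI lock and Mandatory set; the ci.dll downgrade path stays open.'
}
if ($ciAtOrBelow) {
    Write-Warning "ci.dll $ciVersion is at or below $VulnerableCi on this branch; check for an unexpected downgrade."
}
```

On a fleet, the same two warnings can be collected centrally so that a host whose ci.dll version regresses between inventory runs is flagged even if the attacker has already disabled VBS.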