SafeBreach Labs researcher Alon Leviev exposed flaws in Microsoft’s Windows Update system that allow attackers to launch undetectable downgrade attacks. An attacker can revert a fully patched Windows machine to a vulnerable state, so that issues which had already been fixed become exploitable again, in effect turning them into zero-day threats. Leviev demonstrated how a manipulated Windows Update process can bypass security features, exposing systems to thousands of old vulnerabilities.
Leviev’s research, sparked by the discovery of the BlackLotus UEFI bootkit, highlights vulnerabilities in the Windows virtualization stack. The downgrade attacks are nearly undetectable and may affect fully patched systems. Microsoft is working on a security update to address these flaws, but a comprehensive patch is not yet available, leaving systems at risk.