Handle the CVE, regarding Avast/AVG detections

[PatrickSchmidtSE]

Currently all winRing0 drivers have an open CVE.

LibreHardwareMonitor/LibreHardwareMonitor#984
https://www.cvedetails.com/cve/CVE-2020-14979/

Is this something, that could be adressed here?

[GermanAizek]

@SearchForTheCode,
I didn't know about this, thank you so much for the information, I'll try to find out if there is this CVE in our sources.
Is there no public POC exploit?

[PatrickSchmidtSE]

Youre welcome.
To me the problem seems to lie in the access which should use the secure methods.

Also here (LibreHardwareMonitor/LibreHardwareMonitor#984) they suggest to change the _PHYSICAL_MEMORY_SUPPORT .

They did not do it , because you probably need to sign the driver new, and this seems to be complicated :/

There is an article from 2019 on how to exploit, because HP used the driver on ALL notebooks ..
https://www.safebreach.com/resources/hp-touchpoint-analytics-dll-search-order-hijacking-potential-abuses-cve-2019-6333/

[GermanAizek]

@SearchForTheCode, to sign driver, an EV certificate is required, it is unlikely that I will be able to get it, since I am not a legal entity. But I am able to fix this CVE.

[PatrickSchmidtSE]

Yes, thats sadly true. Hard restrictions from MS here.