Google discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoP

Pierluigi Paganini August 22, 2021

Google disclosed the details of a Windows ​​AppContainer vulnerability because Microsoft initially had no plans to fix it.

Google Project Zero experts disclosed the details of a Windows ​​AppContainer flaw after Microsoft announced it had no plans to fix it.

The team focused its analysis on Windows Firewall and AppContainer that were designed by Microsoft to limit the attack surface of applications. Bypass network restrictions in AppContainer sandboxes could allow an attacker to access services on localhost, as well as granting access to intranet resources in an enterprise organization.

Google Project Zero researcher James Forshaw discovered an issue in the configuration of Windows Firewall that could allow attackers to bypass restrictions and allowed an AppContainer process to access the network.

“Recently I’ve been delving into the inner workings of the Windows Firewall. This is interesting to me as it’s used to enforce various restrictions such as whether AppContainer sandboxed applications can access the network. Being able to bypass network restrictions in AppContainer sandboxes is interesting as it expands the attack surface available to the application, such as being able to access services on localhost, as well as granting access to intranet resources in an Enterprise.” wrote Forshaw.

“I recently discovered a configuration issue with the Windows Firewall which allowed the restrictions to be bypassed and allowed an AppContainer process to access the network. Unfortunately Microsoft decided it didn’t meet the bar for a security bulletin so it’s marked as WontFix.”

According to Google, Microsoft decided to label the issue as WontFix.

“The default rules for the WFP connect layers permit certain executables to connect TCP sockets in AppContainers without capabilities leading to elevation of privilege.” reads the security advisory published by Microsoft. “Connecting to an external network resource from an AppContainer is enforced through default rules in the WFP. For example, connecting to the internet via IPv4 will process rules in the FWPM_LAYER_ALE_AUTH_CONNECT_V4 layer. This layer can contain rules such as “InternetClient Default Rule” which will match if the caller is in an AC and has the Internet Capability. If a match is made then the connection is allowed. Eventually an AC process will match the “Block Outbound Default Rule” rule if nothing else has which will block any connection attempt.”

The experts also published a proof-of-concept (PoC) exploit code, the C# project injects code into an instance of dmcertinst.exe to create a new socket and connect it to a user specified location.

The PoC could use any location excluding localhost, it leverages APCs to execute arbitrary function calls.

Upon running the PoC, it connects on a socket causeing an exception, the connection to the server succeeds and data can be read/written to the socket.Forshaw reported his findings to Microsoft on July 8, but the tech giant told him roughly 10 days later that it would not be fixing it due to the fact that exploitation requires compromising an AppContainer.

Google reported to Microsoft the issue, it did not wait for 90 days before publicly disclosing the issue because Microsoft said it would not release a patch.

Immediately after the public disclosure of the flaw, Microsoft told Google that it “decided to continue working on this issue, even though it was initially classified as out of scope.” The status of the issue was changed to “Started” which means that the company is working to address it.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, AppContainer)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment