"STEELFOX" and "WinRing0.sys"

I’ve been contacted by several of my computer-service clients this morning, who are concerned because of an article they saw on msn dot com. The article concerns Kaspersky having discovered a new threat which they’ve dubbed “Steelfox” which is built around the surreptitious installation of a bogus driver called “WinRing0.sys.” I went and searched my way through norton dot com and can’t find any reference to either one. My clients want to know if they’re protected or not. Here’s the URL to the article: MSN

Issue abstract:

Detailed description:

Product & version number:

OS details:

What is the error message you are seeing?

If you have any supporting screenshots, please add them:

Hello. In a nutshell Norton should detect the attempted installation of these bogus drivers. Conversely, no A/V solution will ever have the ability to stop user clicks on links, message links, downloads, etc. Those actions will give the malware the exact permission level the user has at the time and point of entry. These users should not be using FF 95 for any reason even if running an OS that is no longer supported by its OEM. If they are they should upgrade.

Conversely. This is not something that is new. Actually. These two CVE’s are over 4 year old and should have already been patched. Updated software made available. They should ensure their OS is fully updated and on the most current release to be safe in a real time way.

CVE-2020-14979 -EVGA Motherboard / GPU specific hardware

*Updates for this software are here - EVGA - Software - EVGA Precision X1ᐪᔿ

CVE-2021-4128 - This bug only affects Firefox on MacOS. Other operating systems are unaffected. This vulnerability affects Firefox < 95.
https://nvd.nist.gov/vuln/detail/CVE-2021-4128

The most current version of FF is available here for download:

SA

1 Like

WinRing0.sys mentioned [here] scroll page for context

2 Likes

Thanks! I had a feeling this was “old news,” but my antennae went up when my search here turned up nothing.

Glad to help!! My apologies for the tardy reply. I’m setting up another gamer today, been busy as a bee with that. Have a great day!!

SA