A French security research firm has accidentality discovered a zero-day vulnerability that affects the Windows 7 and Windows Server 2008 R2 operating systems. The researchers found the vulnerability while they were working on updating a Windows security tool.
The vulnerability can be found in two misconfigured registry keys for the DNSCache and RPC Endpoint Mapper services that are part of every Windows installation. Clément Labro, the security researchers who discovered the vulnerability have said that an attacker must have a foothold on vulnerable systems to modify these registry keys which will then activate a sub-key usually employed by the Windows Performance Monitoring mechanism.