Page 1 of 1

Reproducible SystemSettingsBroker stack overflow error!

Posted: Mon Sep 06, 2021 9:19 am
by 3ICE
I have no clue how to report bugs in Windows. Microsoft makes it exceedingly difficult to reach employees who know their stuff. My only hope is to get this post reported/escalated.

Repro steps:

Have a display enhancement - enabled monitor, like a laptop.

sc start DisplayEnhancementService

Click brightness control in action center (notifications button in boom right corner)

Change your brightness.

sc stop DisplayEnhancementService

sc disable DisplayEnhancementService

(both required due to design flaw, disable alone fails to stop it first.)

Change your brightness.

Observe crash in sys UI:

---------------------------

SystemSettingsBroker.exe - System Error

---------------------------

The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.

---------------------------

OK

---------------------------

Re: Reproducible SystemSettingsBroker stack overflow error!

Posted: Mon Sep 06, 2021 9:33 am
by 3ICE
For now I recommend disabling Display Enhancement Service

"A service for managing display enhancement such as brightness control."

Path: C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p

It has no dependencies.

Hotkey-based brightness control seems to work fine without it. A reboot will even remove the vulnerability. (Above can no longer be reproduced.)

Re: Reproducible SystemSettingsBroker stack overflow error!

Posted: Mon Sep 06, 2021 9:34 am
by 3ICE
Reported here: answers.microsoft.com/reproducible-systemsettingsbroker-stack-overflow under 583aba80-6938-4126-953d-4eedb663c8db