EIP-2026-117513

PRE-CVE

Microsoft Windows - 'LegitCheckControl.dll' Genuine Advantage Validation Patch

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117513. PoCs published by HaCkZaTaN.

AI-analyzed exploit summary This code patches the LegitCheckControl.dll file to bypass Windows Genuine Advantage validation by modifying specific bytes in the DLL. It directly writes to the file at predefined offsets to alter its behavior.

Description

Microsoft Windows - 'LegitCheckControl.dll' Genuine Advantage Validation Patch

Exploits (1)

exploitdb WORKING POC VERIFIED

by HaCkZaTaN · clocalwindows

https://www.exploit-db.com/exploits/1128

View Code ZIP pw:eip

This code patches the LegitCheckControl.dll file to bypass Windows Genuine Advantage validation by modifying specific bytes in the DLL. It directly writes to the file at predefined offsets to alter its behavior.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: LegitCheckControl.dll (1.3.254.0)

No auth needed

Prerequisites: Access to the target system's file system · Presence of LegitCheckControl.dll

MITRE ATT&CK

T1548.002 - Bypass User Account Control

devstral-2 · analyzed Feb 19, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026