Windows 10 News and info | Forum
September 23, 2018, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or Forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
  Print  
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: A zero-day flaw in Windows 10 reportedly discovered, patch will land soon  (Read 41 times)
javajolt
Administrator
Hero Member
*****
Online Online

Gender: Male
United States United States

Posts: 28947


I Do Windows


WWW Email
« on: August 28, 2018, 03:44:43 PM »
ReplyReply



According to reports, a security researcher has discovered an unpatched vulnerability in the Windows 10 operating system. The security researcher reportedly revealed the vulnerability on Twitter.

It’s a zero-day flaw that exists in Windows 10 and it could allow an attacker to gain system privileges on an affected computer, according to CERT/CC vulnerability analyst Phil Dormann. The vulnerability was disclosed in a tweet by @SandboxEscaper and the account has been removed.

It appears that vulnerability exists in task scheduler on Windows 10 but there’s no easy way to exploit the security flaw. The successful exploitation of the vulnerability requires the user to download a malicious app on a machine.



“Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges,” the advisory reads.

“Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges. A local user may be able to gain elevated (SYSTEM) privileges.” “A local user may be able to gain elevated (SYSTEM) privileges,” the advisory explains.

Another report claims that the patch for the said vulnerability may land soon. There’s a chance that Microsoft will deploy updates to address this vulnerability on next Patch Tuesday, which takes place on September 11.

Quote
Disclaimer: The information contained in this article is based on a report from The Register and CERT/CC analysts. Windows Latest makes no claims, guarantees about the accuracy or completeness in this article or linked pages, and shall not be held responsible for anything we say in this article.


source
« Last Edit: August 29, 2018, 02:14:06 PM by javajolt » Logged



Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page September 14, 2018, 07:06:27 PM