Windows 10 News and info | Forum
June 06, 2020, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances. New member registration currently disabled.
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: Windows 10 zero-day exploit code released online  (Read 140 times)
Hero Member
Offline Offline

Gender: Male
United States United States

Posts: 31461

I Do Windows

WWW Email
« on: May 22, 2019, 11:00:34 AM »

A security researcher has published today demo exploit code on GitHub for a Windows 10 zero-day vulnerability.

The zero-day is what security researchers call a local privilege escalation (LPE).

LPE vulnerabilities can't be used to break into systems, but hackers can use them at later stages in their attacks to elevate their access on compromised hosts from low-privileged to admin-level accounts.

According to a description of the zero-day posted on GitHub, this vulnerability resides in the Windows Task Scheduler process.

Attackers can run a malformed .job file that exploits a flaw in the way the Task Scheduler process changes DACL (discretionary access control list) permissions for an individual file.

When exploited, the vulnerability can elevate a hacker's low-privileged account to admin access, which, in turn, grants the intruder access over the entire system.

The zero-day has only been tested and confirmed to work on Windows 10 32-bit systems.

However, ZDNet was told today that, in theory, the zero-day should also work, with some fine-tuning, on all Windows versions -- going back to XP and Server 2003 -- although this might require some testing and further confirmation over the coming days.

A demo of the proof-of-concept exploit code is embedded below.


The researcher who released this zero-day is named SandboxEscaper and has a reputation for releasing Windows zero-days online, without notifying Microsoft of these security flaws.

In 2018, she released four other Windows zero-days, which included:

- LPE in Advanced Local Procedure Call (ALPC)

- LPE in Microsoft Data Sharing (dssvc.dll)

- LPE in ReadFile

- LPE in the Windows Error Reporting (WER) system

While there has been no reported exploitation for the last three, the first was incorporated in active malware campaigns a few weeks after its release.

Microsoft patched most of these issues within one or two months after they were made public. Microsoft's next Patch Tuesday is scheduled for June 11.

« Last Edit: May 22, 2019, 01:55:42 PM by javajolt » Logged

Pages: [1]
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page January 07, 2020, 04:56:17 AM