0-day Windows exploit gets published on Twitter

Posted on Wednesday, August 29 2018 @ 9:49 CEST by Thomas De Maesschalck
A Twitter user by the name of SandboxEscaper published a zero-day exploit for Windows on GitHub. The vulnerability enables local privilege escalation all the way to SYSTEM privileges, which means malware or a malicious logged-in user can gain full access to the system. CERT/CC researcher Will Dormann confirmed the bug affects fully-patched 64-bit Windows 10 systems.
“Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges,” the alert stated.

ALPC, Advanced Local Procedure Call, restricts the impact somewhat, since it's a local bug: you have to be already logged in, or running code on, a machine to hijack it. However, it opens an all-too-familiar attack vector: if an attacker can get a target to download and run an app, local privilege escalation gets the malware out of the normal user context up to, in this case, system privileges. Ouch.


Microsoft is looking into the matter and will update as soon as possible.

Via: The Register

