New Windows 10 Zero-Day Vulnerability Revealed

Security researcher SandboxEscaper has published demo exploit code on GitHub for a new Windows 10 zero-day vulnerability, ZDNet reported on Wednesday.

LPE (local privilege escalation) vulnerabilities can't be used to break into systems, but hackers can use them at later stages in their attacks to elevate their access on compromised hosts from low-privileged to admin-level accounts, the report adds.

The exploit takes advantage of a bug in Windows Task scheduler by running a malformed .job file that exploits a flaw in the way the Task Scheduler process changes DACL (discretionary access control list) permissions for an individual file.

When exploited, the vulnerability can elevate a hacker's low-privileged account to admin access, which, in turn, grants the intruder access over the entire system.

The zero-day has only been tested and confirmed to work on Windows 10 32-bit systems. However, ZDNet reports that, in theory, the zero-day should also work on all Windows versions, including XP and Server 2003.

 

You might be interested also