With Windows zero-day vulnerability, Microsoft once again gets into the bad situation. A new vulnerability in the Windows operating system task scheduler privilege escalation has been discovered and uncovered by a Twitter user. More specifically, the user SandboxEscaper tweets about a bug in the microblogging platform yesterday.
This indicates that the user is linked to a page in Github where the proof of concept (PoC) for the vulnerability is located. After the vulnerability became known, CERT/CC security bug analyst Will Dormann analyzed the bug and reported that the zero-day vulnerability works very well on a fully “patched” Windows 10 64-bit operating system.
According to the CERT security report, this vulnerability is defined as a local vulnerability in the Windows task scheduler caused by errors in the handling of Advanced Local Procedure Call (ALPC) systems.
In case this error is exploited, a local user could be granted privileges over the system. Because ALPC is a local system, the consequences are limited, but the fact that the zero-day vulnerability gets disclosed is a headache for Microsoft.
https://twitter.com/SandboxEscaper/status/1034125195148255235
Currently, there are no known intermediate solutions for the bug that was evaluated with a vulnerability score (CVSS) of 6.4 to 6.8. The SandboxEscaper tweet was removed after the vulnerability was discovered, but Redmond’s company confirmed the error and claims that it will proactively update the affected devices as soon as possible.
The solution for this vulnerability will most likely be available on September 11 as new Microsoft security patches arrive unless the company decides to release a last-minute patch to fix this situation.