New Windows 10 zero-day vulnerability surfaces online with proof of concept video

By Digit NewsDesk | Published on May 23 2019
HIGHLIGHTS

Researcher SandboxEscaper has released a new Windows 10 zero-day vulnerability.

The new flaw is associated with local privilege escalation (LPE).

It enables an attacker to gain admin-level access once they get into a system.


The researcher SandboxEscaper has again posted a zero-day vulnerability for the Windows operating system. The new flaw is a local privilege escalation (LPE), and a proof-of-concept video demonstrating how it works has also been posted. The exploit does not by itself give an attacker access to your computer; it shows how someone who already has access could then gain administrator-level system privileges. If an intruder finds a way into your system, this LPE exploit can be used to take control of the complete system. As the flaw is said to be a zero-day vulnerability, there's a good chance threat actors are already working to use it for nefarious purposes.

Microsoft recently started rolling out Windows 10 May Update 1903, so it could take some time before a fix for the LPE is made available. Will Dormann, a vulnerability analyst at CERT/CC, confirmed that the exploit works. He tweeted, "I can confirm that this works as-is on a fully patched (May 2019) Windows 10 x86 system. A file that is formerly under full control by only SYSTEM and TrustedInstaller is now under full control by a limited Windows user. Works quickly, and 100% of the time in my testing." Dormann also confirmed that the vulnerability works on 64-bit Windows 10. SandboxEscaper also mentions that there are four more unpatched bugs yet to be disclosed: three LPEs and one sandbox escape.
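The effect Dormann describes, a protected file whose access list suddenly gives full control to a limited user, is something a defender can look for. The Python below is an added example, not code from the article or the researcher: it parses a file's security descriptor in SDDL form (for instance the `Sddl` property returned by PowerShell's `Get-Acl`) and reports any trustee outside an allowlist that has been granted full control. The allowlist, the sample descriptors and the user SID are constructed for illustration.

```python
import re

# Trustees expected to hold full control on a protected system file
# (assumed allowlist, taken from the state Dormann describes).
TRUSTED_INSTALLER = "S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464"
TRUSTED = frozenset({"SY", "S-1-5-18", TRUSTED_INSTALLER})
FILE_ALL_ACCESS = 0x1F01FF   # full control on a file, SDDL code "FA"
GENERIC_ALL = 0x10000000     # SDDL code "GA"

def pairs(text):
    """Split an SDDL flag or rights string into its two-letter codes."""
    return {text[i:i + 2] for i in range(0, len(text), 2)}

def grants_full_control(rights):
    """True if the ACE rights field (symbolic or hex) amounts to full control."""
    if rights.lower().startswith("0x"):
        mask = int(rights, 16)
        return mask & FILE_ALL_ACCESS == FILE_ALL_ACCESS or bool(mask & GENERIC_ALL)
    return bool(pairs(rights) & {"FA", "GA"})

def full_control_outliers(sddl, trusted=TRUSTED):
    """Return trustees outside `trusted` that an allow ACE gives full control."""
    dacl = re.search(r"D:[A-Z]*((?:\([^()]*\))+)", sddl)
    if dacl is None:
        return []  # no DACL entries in this descriptor string
    outliers = []
    for ace in re.findall(r"\(([^()]*)\)", dacl.group(1)):
        fields = ace.split(";")
        if len(fields) < 6 or fields[0] != "A":
            continue  # malformed, or not an access-allowed ACE
        if "IO" in pairs(fields[1]):
            continue  # inherit-only: does not apply to this object
        if grants_full_control(fields[2]) and fields[5] not in trusted:
            outliers.append(fields[5])
    return outliers

# Constructed sample descriptors (not captured from a real system).
USER = "S-1-5-21-1111111111-2222222222-3333333333-1001"
BASELINE = f"O:SYG:SYD:PAI(A;;FA;;;SY)(A;;FA;;;{TRUSTED_INSTALLER})(A;;0x1200a9;;;BU)"
CHANGED = f"O:SYG:SYD:PAI(A;;FA;;;SY)(A;;FA;;;{TRUSTED_INSTALLER})(A;;FA;;;{USER})"

if __name__ == "__main__":
    for name, sddl in (("baseline", BASELINE), ("changed", CHANGED)):
        print(name, full_control_outliers(sddl))
```

Run against a recorded baseline of protected files, a non-empty result for a file that previously returned none is the signal worth investigating.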

It is unlikely that any real fix will be available for the LPE until Microsoft issues a patch but, as mentioned above, it can't be used until someone gains access to your system. The best bet right now, then, seems to be protecting the system from outside intrusion. Users should avoid downloading malicious files and keep their system up to date.

SandboxEscaper is infamous for releasing zero-day vulnerabilities. The researcher previously announced a flaw capable of deleting system files, which was said to affect the Microsoft Data Sharing service (dssvc.dll), a local service for data exchange between applications. By exploiting that flaw, an attacker can gain admin permissions to compromise protected data on the computer. They can then delete system DLLs or replace them with malicious ones.
