The new Windows 10 vulnerability allows an attacker full control of the computer

A security researcher nicknamed SandboxEscaper has just disclosed a new zero-day vulnerability in Windows 10 that allows attackers to take full control of the user’s computer. Earlier security vulnerabilities were reported by ZDNet.

The new zero-day vulnerability in Windows 10 is what is known as a “local privilege escalation”. When exploited, it gives an attacker, or malware already on the machine, control of the victim’s computer by elevating their privileges to the System level.

This is a serious problem because most malware is normally constrained by the limits of the user account it infects. A privilege escalation breaks through those limits, giving the malware higher access.

The new hole was discovered in Windows Task Scheduler. An attacker could create a malicious .job file, then delete the file and point to a kernel-level driver file from the location where the file was deleted, then recreate the task to sneak a low-level process into the system kernel.

This effectively gives attackers System privileges across devices, letting them do anything on the victim’s computer.

The test works on both 32-bit and 64-bit Windows. Also, according to ZDNet’s Catalin Cimpanu, after a bit of tweaking, he was able to perform successful attacks on all versions of Windows from Windows XP and earlier, but the attacks failed on Windows 7 and Windows 8.

With the newly reported zero-day flaw, it is likely that Microsoft will release a patch on next month’s Patch Tuesday, scheduled for June 11. Until then, however, no one can be sure whether the Windows 10 vulnerability will be exploited in the wild.

Additional: SandboxEscaper has added two new local escalation vulnerabilities on GitHub as early as May 22. One of them, called “angrypolarbearbug2”, is a hard-to-reproduce bug that only works on specific hardware components. The other flaw is called “sandboxescape”. It is not clear what the purpose of this vulnerability is, but it involves injecting malicious code into Internet Explorer 11 to allow remote attackers to escape the sandbox.

