ZERO-DAY Vulnerability in Microsoft Windows Leaked on Twitter [UNPATCHED]

Microsoft Windows Zero Day
Microsoft Windows Zero Day
(Last Updated On: August 28, 2018)

ZERO-DAY Vulnerability in Microsoft Windows 10 is Vulnerable To Gain Local System Privileges [UNPATCHED]

A security researcher has published a Windows Zero-day vulnerability on Twitter, that allows an attacker to gain system privileges on an affected computer. After that Twitter removed the status and suspended the account.


Sandbox Escaper Twitter

What is Privilege Escalation Vulnerability?

Privilege escalation is the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user.

CERT Advisory published the details,
“Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges.

Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges.”

The Patch is not available Yet. Zero-Day Works on fully patched Windows 10 operating system.

Will Dormann, the Vulnerability Analyst at the CERT/CC tweeted

According to Register, The Microsoft said that the vulnerability would be fixed on upcoming Tuesday, which takes place on 11th September 2018.

It means all Windows 10 versions are still Vulnerable and affected including updated versions, until it is not fully patched by Microsoft.

What can we do?

Currently, Windows 10 users are recommended not to install any files coming from untrust sources. Otherwise, your System can be targeted to the local privilege escalation.

Microsoft offers Up to $250,000 USD in their Bug Bounty programs.

Leave a Reply
Previous Article
Cyber Attack Rising

Cyber Attack On INDIA Are Rising from China, US And Russia- Report

Next Article
Intel 8th Generation

Intel Announces 8th Generation Core Processor With Secure Biometrics

Related Posts