A frustrated security researcher has revealed a new zero-day bug for fully-patched Windows 10 PCs which would allow any software running on your PC to gain system-level privileges. In the now deleted tweet he said:
Here is the alpc bug as 0day: https://t.co/m1T3wDSvPX I don’t fucking care about life anymore. Neither do I ever again want to submit to MSFT anyway. Fuck all of this shit.
— SandboxEscaper (@SandboxEscaper) August 27, 2018
The bug is a local exploit (ie the software needs to be running on your PC already) and involves the Windows task scheduler.
CERT has verified the bug and reports:
Description
Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges.Impact
A local user may be able to gain elevated (SYSTEM) privileges.Solution
The CERT/CC is currently unaware of a practical solution to this problem.
While CERT is not aware of a solution at present Microsoft, speaking to The Register, said they will “proactively update impacted advices as soon as possible”, and will of course regularly distributed security fixes on Patch Tuesday.