New Windows Zero-Day vulnerability disclosed on Twitter

August 28, 2018

A frustrated security researcher has revealed a new zero-day bug affecting fully patched Windows 10 PCs that would allow any software running on your PC to gain SYSTEM-level privileges. In the now-deleted tweet he said:

Here is the alpc bug as 0day: https://t.co/m1T3wDSvPX I don’t fucking care about life anymore. Neither do I ever again want to submit to MSFT anyway. Fuck all of this shit.

— SandboxEscaper (@SandboxEscaper) August 27, 2018

The bug is a local exploit (i.e. the software needs to be running on your PC already) and involves the Windows task scheduler.

CERT has verified the bug and reports:

Description
Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges.

Impact
A local user may be able to gain elevated (SYSTEM) privileges.

Solution
The CERT/CC is currently unaware of a practical solution to this problem.

While CERT is not aware of a solution at present, Microsoft, speaking to The Register, said they will “proactively update impacted devices as soon as possible”, and will of course regularly distribute security fixes on Patch Tuesday.
