SandboxEscaper is back with a new Privilege Escalation Exploit.

On this occasion, she defeated a patch which Microsoft released in April for CVE-2019-0841, and as usual, released the exploit with proof-of-concept exploit code.

Thankfully the exploit requires code running on a local machine, vs a remote exploit, but will allow hackers with limited privileges to gain full control of a protected file, such as WIN.ini in her demo exploit.

CERT/CC has confirmed the exploit works on Windows 10 versions 1809 and 1903 running the latest security updates from Microsoft.

A video of the exploit can be seen below:

SandboxEscaper has so far released 9 zero-day exploits since August 2018, and according to a somewhat unhinged message on her website still has another up her sleeve.

Via BleepingComputer

Comments