SandboxEscaper is back with a new Privilege Escalation Exploit.
On this occasion, she defeated a patch which Microsoft released in April for CVE-2019-0841, and as usual, released the exploit with proof-of-concept exploit code.
Thankfully the exploit requires code running on a local machine, vs a remote exploit, but will allow hackers with limited privileges to gain full control of a protected file, such as WIN.ini in her demo exploit.
CERT/CC has confirmed the exploit works on Windows 10 versions 1809 and 1903 running the latest security updates from Microsoft.
A video of the exploit can be seen below:
SandboxEscaper has so far released 9 zero-day exploits since August 2018, and according to a somewhat unhinged message on her website still has another up her sleeve.