
Windows Zero-Day Vulnerability Comes With PoC on GitHub

A new zero-day vulnerability was recently made public following a Tweet from @SandboxEscaper, who claimed to be frustrated with Microsoft and, apparently, their bug submission process.

The tweet included a link to the proof-of-concept for the alleged zero-day vulnerability on GitHub, prompting security researchers to download and test @SandboxEscaper’s claims.

Following an assessment by CERT/CC vulnerability analyst Phil Dormann, the bug was verified and confirmed to be working on a fully-patched 64-bit Windows 10 machine, enabling attackers to gain admin privileges if exploited.

It’s unclear if the zero-day would work on all Microsoft-supported Windows versions, including 32-bit ones, but it’s definitely cause for concern, since the PoC is publicly available and can easily be weaponized by threat actors.

The zero-day does require some specific conditions for execution: an attacker needs the victim to download and execute a tainted application for the vulnerability to be exploited. That attack vector is not uncommon, however, especially with APTs (Advanced Persistent Threats) and spearphishing.

“Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges,” reads the CERT/CC advisory. “The CERT/CC is currently unaware of a practical solution to this problem.”

While it’s uncertain whether Microsoft had been previously notified by @SandboxEscaper regarding the zero-day, the tweet does suggest that an interaction with Microsoft caused some friction.

Following the incident, a Microsoft spokesperson claims the company will “proactively update impacted devices as soon as possible,” potentially during a Patch Tuesday release.

About the author

Liviu ARSENE

Liviu Arsene is the proud owner of the secret to the fountain of never-ending energy. That's what's been helping him work his everything off as a passionate tech news editor for the past couple of years. He is the youngest and most restless member of the Bitdefender writer team and he covers mobile malware and security topics with fervor and a twist. His passions revolve around gadgets and technology, and he's always ready to write about what's hot and trendy out there in geek universe.
