Hacker Discloses Unpatched Windows Zero-Day Vulnerability

A security researcher has publicly disclosed the details of a previously unknown zero-day vulnerability in Microsoft’s Windows operating system that could help a local user or malicious program obtain system privileges on the targeted machine.

And guess what? The zero-day flaw has been confirmed working on a “fully-patched 64-bit Windows 10 system.”

The vulnerability is a privilege escalation issue that resides in the Windows task scheduler program and occurred due to errors in the handling of Advanced Local Procedure Call (ALPC) systems.

Advanced local procedure call (ALPC) is an internal mechanism, available only to Windows operating system components, that facilitates high-speed and secure data transfer between one or more processes in the user mode.

The revelation of the Windows zero-day came earlier today from a Twitter user with the online alias SandboxEscaper, who also posted a link to a GitHub page hosting a proof-of-concept (PoC) exploit for the privilege escalation vulnerability in Windows.

Since the Advanced Local Procedure Call (ALPC) interface is a local system, the impact of the vulnerability is limited, with a CVSS score of 6.4 to 6.8, but the PoC exploit released by the researcher could potentially help malware authors target Windows users.

SandboxEscaper did not notify Microsoft of the zero-day vulnerability, leaving all Windows users vulnerable to hackers until a security patch is released by the tech giant to address the issue.

Microsoft is likely to patch the vulnerability in next month’s security Patch Tuesday, which is scheduled for September 11.

The CERT/CC notes it is currently unaware of any practical solution to this zero-day bug.
