New Windows 10 Zero-Day Exploit...and no patch yet

[exile360 22]

As January 2020 approaches, Microsoft and many users and businesses prepare for the end of support for Windows 7.  Microsoft has no doubt been salivating at the prospect of finally killing support for the one version of Windows still holding a large portion of market share compared to their latest OS Windows 10 (in spite of all of Microsoft's efforts to persuade everyone to 'upgrade' to the new OS, even going as far as pushing it out through Windows Update at one point; an incident that leaves a bad taste in many users' mouths, including mine).

One of the primary bullet points that Microsoft and others enthusiastic about the new OS love to point out is that Windows 10 is more secure than the now nearly 10 year old Windows 7 and that users would be far more secure if they upgraded to the latest version of Windows (in spite of countless privacy issues that many throughout the tech community and security industry have cited as reasons to avoid the new Microsoft OS), however a new vulnerability has been made public that allows a malicious user or malware to gain full privileged access to the system by exploiting a flaw in the Windows Task Scheduler, but this vulnerability does not exist in Windows 7 (or even Windows 8 for that matter), it only works in Microsoft's latest and greatest OS, Windows 10 (along with the latest versions of Windows Server which are based on the same code as Windows 10).

So far there is no patch available for this vulnerability but you can bet that Microsoft is scrambling to create one.  The individual who discovered and made public this vulnerability, known by the online handle SandboxEscaper, also claims that there are many more vulnerabilities where this came from, including at least 4 more nasty as of yet unrevealed vulnerabilities that provide full system privileges, one of which she claims is a sandbox escape, meaning not even Microsoft's recently implemented  sandbox feature in Windows 10 would be capable of containing it.

You can learn more about this newly published vulnerability in the following article from The Register:

https://www.theregister.co.uk/2019/05/22/windows_zero_day/

[Maurice Naggar 9]

Just some snippets from the article at TheRegister.

Quote

The exploit, as implemented, needs to know a valid username and password combo on the machine to proceed, it seems

 

about the revealer of the vuln

Quote

She's also rather peeved at the West and society in general, and hopes to sell some of her exploits to non-Western miscreants

 

[exile360 22]

5 hours ago, Maurice Naggar said:

about the revealer of the vuln

Yep, not exactly the most altruistic source.  In fact, apparently she's looking to sell the other vulnerabilities and is hoping to sell them to someone outside the west.  Pretty messed up.

Hopefully MS patches it fast, but more importantly, I hope they're able to discover the other 3 they mentioned before they can do any harm.

[exile360 22]

A few updates have been added to the article I linked to above with further info:

More technical details on the Task Scheduler exploit are now available here. Also, SanboxEscaper has released more exploits: a non-zero-day privilege escalation via the Windows Error Reporting system, and a zero-day mechanism for running malicious JavaScript in Internet Explorer 11 with high privileges that expected. There's also a system32 write bug, and another that grants user full read-write access to privileged files.