New Windows 10 zero day: A security researcher and exploit broker known as SandboxEscaper today released details of a zero day affecting Windows 10 and Windows operating systems Server & Hosting 2019.
The details posted on GitHub, in the same repository, where the researcher has already published another eight zero days.
Today's exploit is a second bypass for the vulnerability CVE-2019-0841 by Microsoft. The first exploit for the same vulnerability was published two weeks ago.
According to Microsoft, CVE-2019-0841 is a vulnerability that allows users with very few permissions to access NT AUTHORITY \ SYSTEM files by simply overwriting the permissions of the target file.
Successful exploitation of course gives "full control" rights to the low that had minimal rights, according to Nabeel Ahmed of Dimension Data Belgium, who revealed the error to Microsoft.
Microsoft first released a information for CVE-2019-0841 April 2019.
On GitHub today, SandboxEscaper reports that there is a second way to bypass CVE-2019-0841 fixes and allow an attacker with very few rights to "play" with files that he previously did not have full control over.
Here we should mention that this is another one LPE (local privilege escalation) vulnerability, which means that attackers hackers they can't exploit the bug to break into systems, but they can use it to gain full access to files they wouldn't normally have control over.
The zero day presented today by SandboxEscaper uses an innovative technique, but there are definitely easier, faster and more efficient ways to get an elevated Windows privilege – for example, using one of the previous zero days of SandboxEscaper.
It is also worth noting that although Microsoft had time to fix the previous three zero days, it did not fix them. To see if he does it in the next Patch Tuesday which is scheduled for next week, June 11th.
_________________
- The new GoldBrute botnet tries to break 1,5 million servers with RDP
- Google Stadia comes in November: Everything you need to know
- Kaspersky Lab: became Kaspersky neat with a new logo
- Android 440 millions of installed apps with aggressive ads