Windows 10 zero day was posted to GitHub

New Windows 10 zero day: A security researcher and exploit broker known as SandboxEscaper today published details of a zero day affecting Windows 10 and Windows Server 2019 operating systems.

The details posted on GitHub, in the same repository, where the researcher has already published another eight zero days.

Today's exploit is a second workaround for Microsoft's CVE-2019-0841 vulnerability. The first exploit for the same vulnerability was published before weeks.

Windows 10 zero day

According to Microsoft, CVE-2019-0841 concerns a vulnerability that allows με πολύ λίγα δικαιώματα να καταλάβουν τα owned by NT AUTHORITY\SYSTEM with a simple overwriting of the target file's permissions. 

Successful exploitation of course gives "full control" rights to the low that had minimal rights, according to Nabeel Ahmed of Dimension Data Belgium, who revealed the error to Microsoft.

Microsoft has released for the first time an update for CVE-2019-0841 April 2019.

On GitHub today, SandboxEscaper reports that there is a second way to bypass CVE-2019-0841 fixes and allow an attacker with very few rights to "play" with files that he previously did not have full control over.

Here we should mention that this is another one vulnerability LPE (local privilege escalation), which means that attacking hackers can not exploit the error to enter systems, but can use it to gain full access to files that they would not normally have control over.

The zero day introduced today by SandboxEscaper uses an innovative technique, but there are certainly easier, faster and more efficient ways to get a higher permissions on Windows - for example, using one of SandboxEscaper's previous zero days.

It's also worth mentioning that even though Microsoft had time to patch the previous three zero days, it didn't. Let's see if it does on the next Patch Tuesday scheduled for next week, 11 June.

_________________ The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).