Recently, a hacker published demo exploit code on GitHub for a Windows 10 zero-day vulnerability. This particular zero-day vulnerability can be exploited to cause local privilege escalation (LPE), a condition in which a logged-in user can acquire additional privileges without having to authenticate as an administrator. This vulnerability cannot be exploited to break into a system, however. Rather, a hacker could use it at a later stage of an attack to elevate access on an already-compromised host (i.e., to transition from a low-privileged account to an admin-level account).

According to the exploit code posted on GitHub, the vulnerability resides in the Windows Task Scheduler process. Attackers can run a malformed .job file that exploits a flaw in the way the Task Scheduler process handles permissions for an individual file. Once the flaw is exploited, a hacker can elevate his or her low-privileged account access to admin level, giving the hacker control over the entire system.

To make matters worse, the hacker published two more zero-day vulnerabilities: a local privilege escalation vulnerability in Windows Error Reporting and a sandbox escape vulnerability for Internet Explorer. There are no known mitigations for these vulnerabilities, and users will need to wait for Microsoft to release a software update.

As of now, the zero-day exploit has only been tested and confirmed to work on Windows 10 32-bit systems. Windows 10 computers subscribed to Symplexity’s automated patch management service will be patched after Microsoft releases the corresponding software update. 

Ross is the CISO at Symplexity. He has achieved CCIE Security and CISSP certifications, an MBA from the University of Notre Dame, and has 20 years of experience in the fields of computer and network security engineering and consulting. Ross provides virtual CISO services for our Symplexity Secure clients and helps them to identify information security risks and implement administrative, procedural, and technical controls to mitigate them. He works effectively with both technical and managerial personnel and is a trusted resource for our clients.
