Security expert exposures Windows 10 zero-day vulnerability
Recently, security experts have said through tweets that they can successfully use the zero-day vulnerability to obtain system-level permissions on a Windows 10 PC with the latest patch installed so that any application can be run.
https://twitter.com/sandboxescaper/status/1034125195148255235
This bug is a local vulnerability. CERT has validated the bug and related reports, and the description reads: “Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges. We have confirmed that the public exploit code works on 64-bit Windows 10 and Windows Server 2016 systems. Compatibility with other Windows versions may be possible with modification of the publicly-available exploit source code.” The Impact column writes that local users can grant privileges to the system.
Vulnerability analyst Will Dormann verified the authenticity of the zero-day bug.
I've confirmed that this works well in a fully-patched 64-bit Windows 10 system.
LPE right to SYSTEM! https://t.co/My1IevbWbz— Will Dormann (@wdormann) August 27, 2018
Currently, CERT/CC does not have a solution to this problem.