A zero-day vulnerability that could give an attacker escalated privileges on Windows systems was disclosed today. Initially revealed by Twitter user SandboxEscaper, who posted a proof-of-concept to their GitHub, the vulnerability has since been verified by US-CERT.
According to US-CERT, the exploit is rooted in the Windows task scheduler, and it has been confirmed to work on 64-bit Windows 10 and Windows Server 2016 systems. From US-CERT:
Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges.
There's no known solution to the problem yet, and it currently works on fully-patched systems. However, Microsoft said in a statement to The Register that it will "proactively update impacted devices as soon as possible." A fix is most likely to arrive during Microsoft's next Patch Tuesday cycle, scheduled for September 11.
