Microsoft has quickly reacted to the disclosure Vulnerability-related.DiscoverVulnerability of a previously unknown zero-day vulnerability in the Windows operating system . On Monday , Twitter user SandboxEscaper revealed Vulnerability-related.DiscoverVulnerability the existence of the bug on the microblogging platform . As reported by the Register , the user said : `` Here is the alpc bug as 0day . I do n't f * * king care about life anymore . Neither do I ever again want to submit to MSFT anyway . F * * k all of this shit . '' The user linked to a page on GitHub which appears to contain a proof-of-concept ( PoC ) for the vulnerability . Following the disclosure Vulnerability-related.DiscoverVulnerability , on Tuesday , Will Dormann , vulnerability analyst at CERT/CC verified Vulnerability-related.DiscoverVulnerability the bug , adding that the zero-day flaw works `` well in a fully-patched 64-bit Windows 10 system Vulnerability-related.PatchVulnerability . '' The Windows vulnerability is described as Vulnerability-related.DiscoverVulnerability a local privilege escalation security flaw in the Microsoft Windows task scheduler caused by errors in the handling of Advanced Local Procedure Call ( ALPC ) systems . If exploited Vulnerability-related.DiscoverVulnerability , the zero-day bug permits local users to obtain system privileges . As ALPC is a local system , the impact is limited , but the public disclosure Vulnerability-related.DiscoverVulnerability of a zero-day is still likely a headache for the Redmond giant . There are no known workarounds for the vulnerability , which has been awarded a CVSS score of 6.4 -- 6.8 . SandboxEscaper 's tweet has since been deleted . However , Microsoft has acknowledged Vulnerability-related.DiscoverVulnerability the zero-day flaw . This is likely to take place Vulnerability-related.PatchVulnerability on September 11 , the next scheduled Microsoft Patch Tuesday , unless the firm decides to issue Vulnerability-related.PatchVulnerability an out-of-schedule patch . `` Windows has a customer commitment to investigate reported security issues , and proactively update impacted devices as soon as possible . Our standard policy is to provide solutions via our current Update Tuesday schedule . ''