serious 0-day Windows exploits to Microsoft and give the company ample time to patch the vulnerabilities before they can be used to create malware and do harm. A security researcher who goes by the Twitter handle SandboxEscaper, however, decided it would be a good idea to expose a 0-day threat to the world on Twitter, without forewarning Microsoft, and even linked to proof-of-concept code on GitHub that has since been verified as functional. The language in the original Tweet prevents me from directly embedding it here. SandboxEscaper essentially said, “Here is the alpc bug as 0day ... I don't ****ing care about life anymore. Neither do I ever again want to submit to MSFT anyway ...” The official post on the CERT/CC website explains, “The Microsoft Windows task scheduler SchRpcSetSecurity API contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges. We have confirmed that the public exploit code works on 64-bit Windows 10 and Windows Server 2016 systems. We have also confirmed compatibility with 32-bit Windows 10 with minor modifications to the public exploit code. Compatibility with other Windows versions is possible with further modifications.” At this point, Microsoft does not have a patch at the ready, but according to reports a fix will be coming in the next batch of Patch Tuesday updates. Because the exploit requires the local execution of code, it doesn’t necessarily warrant an out-of-band update.
However, with proof-of-concept code readily available, it’s possible nefarious individuals could trick less savvy users into running the code and gain full access to their systems. As always, never execute any files from unknown or untrusted sources. The bug lies in the Windows Task Scheduler’s Advanced Local Procedure Call, or ALPC, interface. It allows a local user to gain system-level privileges and have free rein over the system to do whatever they want, including overwriting or modifying system files. Will Dormann of CERT/CC verified that the original exploit code works on a fully patched Windows 10 x64 installation and later modified the code to work on 32-bit systems as well.
A Windows zero-day bug has made the news. Zero-day means that a vulnerability has been exposed but is not yet patched. Darren Allan in TechRadar was one of the tech watchers reporting on the vulnerability, which could occur through a privilege escalation bug. "The user linked to a page on GitHub which appears to contain a proof-of-concept (PoC) for the vulnerability," said Charlie Osborne in ZDNet. "CERT/CC (the US cybersecurity organization which looks to counter emerging threats) has confirmed that this vulnerability can be leveraged against a 64-bit Windows 10 PC which has been fully patched up to date," said TechRadar, in turn referring to a story in The Register. Richard Chirgwin, The Register, had reported that "CERT/CC vulnerability analyst Will Dormann quickly verified the bug." CERT/CC did a formal investigation and posted an advisory. "'Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges,' the alert stated." "This can be leveraged to gain SYSTEM privileges. We have confirmed that the public exploit code works on 64-bit Windows 10 and Windows Server 2016 systems. We have also confirmed compatibility with 32-bit Windows 10 with minor modifications to the public exploit code. Compatibility with other Windows versions is possible with further modifications." Should we worry? Allan said it is a local bug. The attacker would have to be already logged into the PC to exploit it, or be running code on the machine.
But wait. Though local, Ars Technica's Peter Bright let its readers know what the flaw allows one to do. Not pretty. Bright wrote that "The flaw allows anyone with the ability to run code on a system to elevate their privileges to 'SYSTEM' level, the level used by most parts of the operating system and the nearest thing that Windows has to an all-powerful superuser." Osborne in ZDNet said that while the impact was limited, "the public disclosure of a zero-day is still likely a headache for the Redmond giant."