Unpatched Windows 10 Exploit Affects Task Scheduler
CYBER NEWS

Unpatched Windows 10 Exploit Affects Task Scheduler

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Another proof-of-concept about a zero-day exploit affecting Windows 10 has been released.

The PoC code is published on GitHub and comes from an anonymous researcher or possible hacker known as SandboxEscaper, and that’s the fifth time the hacker releases a Windows zero-day.




More about the New Windows 10 Zero-Day Exploit

The zero-day is located in Task Scheduler which enables users to automatically perform routine tasks on their machines. The flaw exploits the so-called SchRpcRegisterTask, a component in Task Scheduler which registers tasks with the server. It appears that the component doesn’t properly check for permissions and can be exploited to set an arbitrary DACL (discretionary access control list) permission.

According to SandboxEscaper, the exploit will “result in a call to the following RPC “_SchRpcRegisterTask, which is exposed by the task scheduler service”.

Related: PowerPool Hackers Exploit Newly Identified Windows Zero-Day Vulnerability.

A malicious program or an attacker with low privileges can run a malformed .job file to obtain system privileges, thus enabling the attacker to gain full access to the targeted system. A proof-of-concept video reveales how the exploit works in real time. Furthermore, the flaw was tested and confirmed by Will Dormann, Vulnerability Analyst at the CERT/CC. The researcher successfully tested the exploit on a fully patched and up-to-date version of Windows 10, both 32-bit and 64-bit, as well as on Windows Server 2016 and 2018.

This is not the only zero-day exploit SandboxEscaper discovered, as the researcher/hacker has 4 more. Three of them lead to local privilege escalation and the other one enables attackers to bypass sandbox protection.

Currently there is no patch for the latest zero-day the hacker disclosed, as the round of security updates was already released for this month. Unfortunately, what Windows 10 users can do now is wait for a patch. Maybe Microsoft will release an emergency fix before next month’s Patch Tuesday.

Avatar

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...