Zero-Day Vulnerability Publicly Disclosed By Hacker

A security analyst has publicly disclosed a zero-day vulnerability in Microsoft’s Windows OS that could enable a local user or malicious software to obtain system privileges on the machine. This zero-day has been confirmed to work on a “fully-patched 64-bit Windows 10 system.”

The vulnerability is a privilege escalation aimed at the Task Scheduler program, and it is exploitable because of errors in the handling of Advanced Local Procedure Call (ALPC) systems. ALPC is an internal operating system mechanism, specific to Windows operating systems, that provides high-speed and secure data transfer between processes in regular user mode.

The exploit came from a Twitter user nicknamed SandboxEscaper, who posted a GitHub page containing a proof-of-concept exploit intended for privilege elevation in Windows OS.

“Here is the alpc bug as 0day: https://t.co/m1T3wDSvPX I don’t fucking care about life anymore. Neither do I ever again want to submit to MSFT anyway. Fuck all of this shit,” SandboxEscaper wrote in a tweet (archive) that has since been deleted.

According to a short post published by CERT/CC, this zero-day, if exploited, could allow local users to obtain SYSTEM privileges. SandboxEscaper did not contact Microsoft regarding the zero-day vulnerability, leaving all Windows users vulnerable to attackers until the next Windows security update.
