Windows 10: A zero-day flaw in Windows 10 reportedly discovered, patch will land soon

Discussion in 'Windows 10 News' started by WinLatest, Aug 28, 2018.

  1. WinLatest New Member

    A zero-day flaw in Windows 10 reportedly discovered, patch will land soon


    According to reports, a security researcher has discovered an unpatched vulnerability in the Windows 10 operating system. The security researcher reportedly revealed the vulnerability on Twitter.

    It’s a zero-day flaw that exists in Windows 10 and it could allow an attacker to gain system privileges on an affected computer, according to CERT/CC vulnerability analyst Phil Dormann. The vulnerability was disclosed in a tweet by @SandboxEscaper and the account has been removed.

    It appears that the vulnerability exists in the task scheduler on Windows 10, but there’s no easy way to exploit the security flaw. The successful exploitation of the vulnerability requires the user to download a malicious app on a machine.


    I've confirmed that this works well in a fully-patched 64-bit Windows 10 system.
    LPE right to SYSTEM! https://t.co/My1IevbWbz

    — Will Dormann (@wdormann) August 27, 2018


    “Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges,” the advisory reads.

    “Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges. A local user may be able to gain elevated (SYSTEM) privileges,” the advisory explains.

    Another report claims that the patch for the said vulnerability may land soon. There’s a chance that Microsoft will deploy updates to address this vulnerability on the next Patch Tuesday, which takes place on September 11.

    Disclaimer: The information contained in this article is based on a report from The Register and CERT/CC analysts. Windows Latest makes no claims, guarantees about the accuracy or completeness in this article or linked pages, and shall not be held responsible for anything we say in this article.

    The post A zero-day flaw in Windows 10 reportedly discovered, patch will land soon appeared first on Windows Latest

    WinLatest, Aug 28, 2018
    #1
  2. Borg 386 Win User

    Java zero-day security flaw exploited in the wild


    Java zero-day security flaw exploited in the wild | ZDNet
     
    Borg 386, Aug 28, 2018
    #2
  3. P4-630 Win User
    Windows Zero-Day Flaw Goes on Sale for $90,000

    A Windows zero-day vulnerability that gives hackers system privileges to compromised devices is being sold for US$90,000. (Works on ALL Windows Versions)

    For $90,000, Windows zero day flaw could be yours
    A Windows zero day flaw that reportedly works against all versions of Windows from Windows 2000 to the latest Windows 10, is up for sale for $90,000. The local privilege escalation (LPE) vulnerability is being sold on a Russian cybercrime forum exploit.in and claims to help attackers who already have access to target machines. The vulnerability, thus, can be used along with other vulnerabilities to successfully run malware code and get admin access on the victim devices running Windows operating system.

    The seller known as BuggiCorp on the forum has published two proof-of-concept videos of an exploit that makes use of this zero-day vulnerability. One of these videos demonstrates the exploit being successfully used with Microsoft’s popular EMET (Mitigation Toolkit) running on the target machine. Enhanced Mitigation Experience Toolkit brings a number of security features to the Windows operating system, working against both known and unknown Windows vulnerabilities, and third-party applications running on the OS.


    The PoC videos show the exploit working on a Windows 10 machine and elevating the cmd.exe process to a system-level privilege account, essentially giving a hacker admin rights. Researchers have said that, having access to an employee’s account, a hacker could turn an unprivileged account into an admin account with god-mode rights.


    Security researchers from Trustwave’s SpiderLabs team have done an extensive post on this claimed vulnerability, and the team says the “seller has put in the effort to present himself/herself as a trustworthy seller with a valid offering.”

    One of the main indicators for this is the fact that the seller insists on conducting the deal using the forum’s admin as the escrow.

    […] A quick thought about the price of this zero day. We don’t have many public records of what the price of such exploit should be… the price here seems on the high end but still within a realistic price range, especially considering the return on investment criminals are likely to make using this exploit in any campaign.

    SpiderLabs also says that it’s comparatively rare to see such zero-day flaws being offered for sale in the open. “Zero days have long been sold in the shadows. In this business you usually need to “know people who know people” in order to buy or sell this kind of commodity,” the team noted.

    Microsoft will be a likely buyer of this zero-day flaw as the company spends more than $90,000 to find out about such critical flaws. The Windows zero-day flaw went on sale on “Patch Tuesday,” making sure that the exploit will work for a longer time, until Microsoft releases a fix.



    http://wccftech.com/windows-zero-day-flaw-goes-on-sale-for-90000/
     
    P4-630, Aug 28, 2018
    #3
  4. labeeman Win User

    A zero-day flaw in Windows 10 reportedly discovered, patch will land soon

    Flash zero-day flaw under attack to spread ad malware...


    labeeman, Aug 28, 2018
    #4