Home
Laptops
Laptops News
Windows 10 Task Scheduler Zero Day Vulnerability Exploit Leaked, Can Help Gain Level Access

Windows 10 Task Scheduler Zero-Day Vulnerability Exploit Leaked, Can Help Gain -Level Access m453m

The flaw is open for exploitation and remains unpatched. 355d49

By Nadeem Sarwar | Updated: 22 May 2019 14:28 IST

Windows 10 Task Scheduler Zero-Day Vulnerability Exploit Leaked, Can Help Gain -Level Access

The same researcher unearthed a zero-day vulnerability last year as well. 2q5tz

Highlights

The exploit can be tweaked to work on older versions of Windows
A proof-of-concept video has also been made public
Microsoft is yet to acknowledge the LPE vulnerability and fix it

ment

Windows 10 has been hit by yet another zero-day vulnerability that can allow malicious parties to gain -level privileges. The yet unnamed zero-day vulnerability can be exploited to break into a system and gain full control over it. The newly discovered threat to Microsoft's operating system can be classified as a Local Privilege Escalation (LPE) that can help hackers change the privilege level of an to level, and it is associated with the native Task Scheduler process. The exploit can reportedly work on previous versions like Windows XP and Windows Server as well.

The vulnerability was Microsoft, alongside a proof-of-concept video detailing the process of exploiting the flaw.

As mentioned above, the vulnerability is associated with the Windows Task Scheduler process wherein bad actors can run a malicious command to promote the level from low-privilege to control level. Once access is achieved, the malicious party can gain control over the entire system and target other system files. Will Dormann, a vulnerability analyst at CERT, has Windows 10 May 2019 build. The exploit affects 32-bit and 64-bit versions of Windows 10, Windows Server 2016 and Windows Server 2019.

Theoretically, the flaw can reportedly be exploited on all versions of Windows such as Windows XP, and dating all the way back to Windows Server 2003. The vulnerability is yet to be patched, which means it is open to exploit. SandboxEscaper also claims to have discovered four more unpatched Windows bugs, with three of them being LPEs and the last one being associated with the Sandbox process.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.