Microsoft Windows task scheduler zero-day escalation vulnerability

Brink

Brink

Administrator
Staff member
Local time
2:34 PM
Messages
74,806
Location
Oklahoma
Overview

Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges.

Description

Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges. We have confirmed that the public exploit code works on 64-bit Windows 10 and Windows Server 2016 systems. Compatibility with other Windows versions may be possible with modification of the publicly-available exploit source code.

Impact

A local user may be able to gain elevated (SYSTEM) privileges.

Solution

The CERT/CC is currently unaware of a practical solution to this problem.

Vendor Information (Learn More)

Vendor: Microsoft
Status: Affected
Date Notified: 27 Aug 2018
Date Updated: 27 Aug 2018
Click to expand...


Read more:
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Self built custom
OS
64-bit Windows 11 Pro for Workstations
CPU
Intel i7-8700K OC'd to 5 GHz
Motherboard
ASUS ROG Maximus XI Formula Z390
Memory
64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz
Graphics Card(s)
ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
Sound Card
Integrated
Monitor(s) Displays
2 x Samsung Odyssey G7 27"
Screen Resolution
2560x1440
Hard Drives
1TB Samsung 990 PRO M.2,
4TB Samsung 990 PRO PRO M.2,
TerraMaster F8 SSD Plus NAS
PSU
Seasonic Prime Titanium 850W
Case
Thermaltake Core P3
Cooling
Corsair Hydro H115i
Keyboard
Logitech wireless K800
Mouse
Logitech MX Master 4
Internet Speed
2 Gb/s Download and 100 Mb/s Upload
Antivirus
Malwarebyte Anti-Malware Premium
Browser
Google Chrome
Other Info
Logitech Z625 speaker system,
Logitech BRIO 4K Pro webcam,
HP Color LaserJet Pro MFP M477fdn,
APC SMART-UPS RT 1000 XL - SURT1000XLI,
Galaxy S23 Plus phone
Does this also affect earlier versions of Windows?
All the articles I've read state it only applies to Windows 10 and Server 2016.

Edit: Ignore that, I just noticed this in the description: "Compatibility with other Windows versions may be possible with modification of the publicly-available exploit source code."
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Win 7 Ultimate, Win 8.1 Pro, Linux Mint 19 Cinnamon (All 64-Bit)
CPU
Intel i5 4690K
Motherboard
Gigabyte Z97X-UD3H
Memory
Corsair Vengeance LP 32GB DDR3
Graphics Card(s)
MSI GTX 1060 GAMING X 6GB
Sound Card
Onboard
Hard Drives
Samsung 850 EVO 250GB SSD (x2)
Samsung 860 EVO 1TB SSD (x2)
Crucial MX300 525GB SSD
WD Blue 2TB 5400rpm Intellipark Disabled (x2)
PSU
Corsair HX750i
Case
Phanteks Enthoo Pro
Cooling
CM Hyper 212 EVO on CPU, Noctua Redux NF-P14S 1500rpm (x6)
Keyboard
Corsair K70 RGB LUX
Mouse
Corsair Sabre RGB
Antivirus
Avast Free, MalwareBytes, SAS & CryptoPrevent
Browser
Chrome
Other Info
StarTech PEXESAT322I 2 Port PCI-E SATA Card
ASUS PCE-AC56 Dual-band AC1300 Wireless Card
Akasa FC.Six Manual Fan Controller
And a Partridge in a Pear Tree!
You must log in or register to reply here.

Similar threads

Type 1 Font Parsing Remote Code Execution Vulnerability for Windows
Replies
10
Views
2K
bobby76
B
Internet Explorer zero-day lets hackers steal files from Windows PCs
Replies
0
Views
622
Brink
Brink
Microsoft Exchange vulnerable to PrivExchange zero-day
Replies
0
Views
1K
Brink
Brink
Eclypsium finds security flaws in 40 kernel drivers from 20 vendors
Replies
0
Views
1K
Brink
Brink
KB4340556 .NET Framework Security & Quality Rollup updates - Windows 7
Replies
1
Views
4K
LevelBest
LevelBest
Back
Top