+- Red Security (https://redsecurity.info/cc)
+-- Forum: General (https://redsecurity.info/cc/forumdisplay.php?fid=1)
+--- Forum: News (https://redsecurity.info/cc/forumdisplay.php?fid=4)
+--- Thread: News Windows 0-day pops up out of nowhere Twitter (/showthread.php?tid=723)
Windows 0-day pops up out of nowhere Twitter - Mr.Kurd - 08-28-2018
In The Name OF Allah
Al-Salam Alekum
![[Image: panic_shutterstock.jpg]](https://regmedia.co.uk/2017/05/03/panic_shutterstock.jpg)
Quote:Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges,” the alert stated.https://www.theregister.co.uk/2018/08/28/windows_zero_day_lpe/
ALPC, Advanced Local Procedure Call, restricts the impact somewhat, since it's a local bug: you have to be already logged in, or running code on, a machine to hijack it. However, it opens an all-too-familiar attack vector: if an attacker can get a target to download and run an app, local privilege escalation gets the malware out of the normal user context up to, in this case, system privileges. Ouch.
The vulnerability note stated: “The CERT/CC is currently unaware of a practical solution to this problem.
Wa Salam Alekum