Notebookcheck

Researcher reveals new zero-day Windows 10 vulnerabilities

Windows 10 still has enough security breaches, and Microsoft does not seem to be willing to fix them in a timely manner.  (Source: YouTube)
Windows 10 still has enough security breaches, and Microsoft does not seem to be willing to fix them in a timely manner. (Source: YouTube)
Controversial security researcher SandboxEscaper revealed three zero-day exploits that are still not patched in the latest May update for Windows 10. The researcher details how attackers can gain complete access of a Windows 10 system through flaws in the Windows Error Reporting service, the Windows Task Scheduler and Internet Explorer 11, and promised to unveil two more exploits soon.

One might think that, with all the updates that have been released in the past 4 years, Windows 10 would be decently polished in the security department, but this clearly is not the case, as revealed by controversial security researcher SandboxEscaper. For some reason, Microsoft is still releasing updates that include zero-day flaws, and SandboxEscaper is exposing them before they get fixed. In the latest May update for Windows 10 alone SandboxEscaper managed to find three zero-day flaws, and even more will soon be unveiled.

Among the exploits, there is one that the researcher named AngryPolarBearBug2, which seems to be a new version of a flaw related to the Windows Error Reporting service discovered in December 2018. This new bug makes use of the discretionary access control list that is attached to objects found in the Active Directory. The list specifies which users and groups can access said objects and what kind of operations can be performed with them. SandboxEscaper notes that this exploit requires advanced skills and it may take up to 15 minutes to activate it, yet, upon successful trigger, the attacker can edit any Windows file and system executables.

There is also a local privilege escalation bug which occurs in the Windows Task Scheduler. Attackers can’t directly break into systems via this exploit, but they can run a malformed .job file that can elevate initial low-privileges to admin access, granting total control over the entire system. SandboxEscaper released a video explaining how this works and pointed out that this exploit is only confirmed to work on 32-bit versions of Windows 10.

A third vulnerability was discovered within Internet Explorer 11, a web browser that is still included in Windows for legacy purposes, even though Microsoft is trying to promote Edge now. This type of exploit allows attackers to inject malicious code in the browser itself, making it easier for them to setup later attacks through exploit-chains.

SandboxEscaper is planning to unveil two more zero-day flaws and these will be posted on her blog and Github.

Working For Notebookcheck

Are you a techie who knows how to write? Then join our Team! Especially English native speakers welcome!

Currently wanted: 
News and Editorial Editor - Details here

static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2019 05 > Researcher reveals new zero-day Windows 10 vulnerabilities
Bogdan Solca, 2019-05-23 (Update: 2019-05-23)
Bogdan Solca
Bogdan Solca - News Editor
I stepped into the wonderous IT&C world when I was around 7. I was instantly fascinated by computerized graphics, be them from games or 3D applications like 3D Max. I like to keep myself up to date with all the new technologies that get released at an ever increasing rate these days. I'm also an avid SciFi reader, an astrophysics aficionado and, as of late, a crypto geek.