Windows 10 1903 Zero Day Exploit

SumTingWong

Twitter(proof):

----- BEGIN PGP SIGNED MESSAGE -----
Hash: SHA512

############################################################
##      N C S C  ~  S E C U R I T Y   A D V I C E         ##
############################################################

Title: Vulnerability found in Windows 10
Advisory ID: NCSC-2019-0406
Version: 1.00
Chance: high
CVE ID:
(Details about the vulnerabilities can be found on
the MITRE website: http://cve.mitre.org/cve/)
Damage: medium
Increased user rights
Date of issue: 20190522
Application:
Version(s):
Platform(s): Microsoft Windows 10

Description
Security researcher 'SandboxEscaper' has published a
vulnerability in Windows 10 without following a responsible
disclosure process with Microsoft. The vulnerability enables a
local authenticated attacker to obtain SYSTEM rights by abusing
the Task Scheduler. The attacker must have a valid
username/password combination for a user who has user rights
on the system. With this, a task is created that later has
increased rights.

Among other things, the security researcher has published an
mp4 file in which a Proof-of-Concept of the zero-day
vulnerability is shown. The NCSC has determined that the
Proof-of-Concept code functions properly, and the
vulnerability applies to both 32- and 64-bit Windows.

Possible solutions
No solution or mitigation is known for the time being.

Disclaimer
By using this security advisory you agree to the
following conditions. Although the NCSC has taken the greatest
possible care in compiling this security advice,
the NCSC cannot guarantee the completeness, accuracy or
(continuous) topicality of this security advice. The information
in this security advice is intended solely as general
information for professional parties. No rights can be derived
from the information in this security advice. The NCSC
and the State are not liable for any damage resulting
from the use of, or the impossibility of using, this
security advice, including damage resulting from the
inaccuracy or incompleteness of the information in this
security advice. Dutch law applies to this security advice.
All disputes related to and/or arising
from this security advice will be submitted to the exclusively
competent court in The Hague. This choice of law also applies to the
judge in interlocutory proceedings.


The vulnerability was discovered by an anonymous hacker named SandboxEscaper. It is not the first time that the hacker has put a zero-day for Windows online. Last year, the hacker already published four other leaks using local privilege escalation. The hacker did not report the vulnerability to Microsoft, which is common in such cases. The hacker sometimes blogs about the leaks. In the blog she says she wants to sell LPEs to 'non-Western people'. "I owe nothing to society, I just want to get rich and show everyone in the West my middle finger," the hacker says.

Microsoft has not yet responded to the news. The leak was published two days after the last Patch Tuesday. The next patch day is scheduled for June 11, but perhaps Microsoft will come up with a solution earlier. The National Cyber Security Center is now also warning of the leak and the fact that no solution is yet available.

RIP current Windows 1903 users?
 

RoboMan

M$ should ask INTERPOL to find SandboxEscaper, hire her, and also pay for all disclosed exploits.:giggle:
Disagree. This user needs to be either sentenced or forced to cooperate. What she is doing, finding vulnerabilities and disclosing them to the public without previous report to Microsoft is illegal and forces us, final users, to be always alert and create lots of security layers.
 

Andy Ful

From Hard_Configurator Tools
Disagree. This user needs to be either sentenced or forced to cooperate. What she is doing, finding vulnerabilities and disclosing them to the public without previous report to Microsoft is illegal and forces us, final users, to be always alert and create lots of security layers.
I am not saying that SandboxEscaper is doing right, but this would not be the first example of a legally hired hacker.
Think what would happen if SandboxEscaper did not publish those exploits and silently sold them to criminals. Furthermore, did the US sentence Wernher von Braun who invented the V-2 rocket for Nazis? No, they simply hired him and he became the hero of NASA.:giggle:(y)
 

Andy Ful

I agree with Andy Ful, and I'm not suggesting what they're doing is right but maybe it's teaching Microsoft a lesson... stop using code from Windows 98 and patches once a month aren't good enough.
They will not listen to you/us. They earned much money by maintaining backward compatibility.:(
 
