Disgruntled Security Researcher discloses Zero-Day vulnerability.

Disgruntled Security Researcher discloses Zero-Day vulnerability.

28 Aug 2018; A security researcher known as “SandboxEscaper”, apparently frustrated at trying to communicate a Zero Day exploit to Microsoft’s “Report a Computer Security Vulnerability” service today released Proof of Concept (POC) details of the vulnerability on GitHub. GitHub is used mainly by software developers.

Vulnerable is the Windows Task Scheduler. A second security researcher has confirmed that this exploit works well even on a fully patched 64-bit Windows 10 system.

Normally exploits are disclosed to the software developer and not publicised. In most cases this gives the manufacturer time to develop and release a patch to fix the vulnerability.
Microsoft is likely to release a patch in next month’s patch Tuesday, scheduled September 11th.

Be real careful until then, and make sure you don't skip patching.

Link: Full Article on The Hacker News


Back...
 
 
© 2018 CT Business Solutions Limited. All Rights ReservedPrivacy Policy Terms & Conditions View Desktop Version