Disgruntled Security Researcher discloses Zero-Day vulnerability.

Disgruntled Security Researcher discloses Zero-Day vulnerability.

28 Aug 2018; A security researcher known as “SandboxEscaper”, apparently frustrated at trying to communicate a Zero Day exploit to Microsoft’s “Report a Computer Security Vulnerability” service today released Proof of Concept (POC) details of the vulnerability on GitHub. GitHub is used mainly by software developers.

Vulnerable is the Windows Task Scheduler. A second security researcher has confirmed that this exploit works well even on a fully patched 64-bit Windows 10 system.

Normally exploits are disclosed to the software developer and not publicised. In most cases this gives the manufacturer time to develop and release a patch to fix the vulnerability.
Microsoft is likely to release a patch in next month’s patch Tuesday, scheduled September 11th.

Be real careful until then, and make sure you don't skip patching.

Link: Full Article on The Hacker News

© 2018 CT Business Solutions Limited. All Rights ReservedPrivacy Policy Terms & Conditions View Desktop Version
SQL: INSERT INTO TABLE_HIT_LOG (RECORDID,PAGE,IPADDRESS,BROWSER,VERSION,LOADTIME,MEMORY,DATEADDED) VALUES ('edit5c1009e899693','edit569edfaf47fb8','','Bot','Unknown', 0.0822319984436,4605312,1544554984)
Error: Table './ctsadmin_core/TABLE_HIT_LOG' is marked as crashed and should be repaired