Black hat Discloses Second 0-Day Flaw to Bypass Patch for Windows EoP Vulnerability

An anonymous security researcher going by the name of SandboxEscaper today publicized a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system.

SandboxEscaper is known for publicly dropping 0-day exploits for unpatched Windows vulnerabilities. In the past year, the hacker has disclosed over half a dozen 0-day vulnerabilities in Windows without first making Microsoft aware of the issues.

Just two weeks ago, SandboxEscaper disclosed four new Windows exploits, one of which could allow attackers to bypass the patch for an elevation of privilege vulnerability (CVE-2019-0841) that existed because the Windows AppX Deployment Service (AppXSVC) improperly handled hard links.

Now, the hacker claims to have found a new way to bypass Microsoft's security patch for the same vulnerability, allowing a specially crafted malicious application to escalate its privileges and take complete control of a patched Windows machine.

SandboxEscaper explains:
"It's going to increase the thread priority to increase our odds of winning the race condition that this exploits. If your VM freezes, it means you either have 1 core or set your VM to have multiple processors instead of multiple cores... which will also cause it to lock up."

