Microsoft Windows zero-day disclosed on Twitter, again

[silversurfer]

A security researcher has disclosed a Windows zero-day vulnerability on Twitter for the second time in the span of two months. The researcher, who goes online by the pseudonym of SandboxEscaper, also published proof-of-concept (PoC) on GitHub.

This second Windows zero-day affects the Microsoft Data Sharing (dssvc.dll), a local service that provides data brokering between applications. According to several security experts who analyzed the zero-day's PoC, an attacker can use it to elevate their privileges on systems they already have access to. The PoC, in particular, was coded to delete files for which a user would normally need admin privileges to do so. With the appropriate modifications, other actions can be taken, experts believe.

The zero-day only affects recent versions of the Windows OS, such as Windows 10 (all versions, including the latest October 2018 Update), Server 2016, and even the new Server 2019, according to several security experts who confirmed the PoC.

Source: https://www.zdnet.com/article/microsoft-...ter-again/