Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Microsoft Windows zero-day disclosed on Twitter, again
#1
Quote:A security researcher has disclosed a Windows zero-day vulnerability on Twitter for the second time in the span of two months. The researcher, who goes online by the pseudonym of SandboxEscaper, also published proof-of-concept (PoC) on GitHub.

This second Windows zero-day affects the Microsoft Data Sharing (dssvc.dll), a local service that provides data brokering between applications. According to several security experts who analyzed the zero-day's PoC, an attacker can use it to elevate their privileges on systems they already have access to. The PoC, in particular, was coded to delete files for which a user would normally need admin privileges to do so. With the appropriate modifications, other actions can be taken, experts believe.

The zero-day only affects recent versions of the Windows OS, such as Windows 10 (all versions, including the latest October 2018 Update), Server 2016, and even the new Server 2019, according to several security experts who confirmed the PoC.

Source: https://www.zdnet.com/article/microsoft-...ter-again/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
AWZ Screen Recorder
AWZ Screen Recorder ...zevish — 11:05
Website X5 Go 2024.1
Website X5 Go 2024.1...zevish — 09:32
Apple's rules to allow third-party app ...
Apple has announ...alison30 — 09:28
Intel: Microsoft AI PCs need a Copilot K...
Microsoft hopes th...harlan4096 — 08:55
Synchredible 8 Professional Edition v8.2...
          Synchredib...zevish — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>