Home > News content

The new Windows 10 0day vulnerability was maliciously disclosed by hackers

via:cnBeta.COM     time:2019/5/22 22:31:37     readed:56

access:

Microsoft China Official Store - Windows

The new vulnerability is categorized as a Local Privileges Upgrade (LPE) vulnerability that can be used to increase the privilege of running rancid code on a computer by exploiting vulnerabilities in the Task Scheduler. Fortunately, hackers cannot exploit this vulnerability alone to invade computers in the first place, but may use them in conjunction with these types of vulnerabilities.

In addition to the source code of the vulnerability, SandboxEscaper alsoPosted a videoShows the situation where this zero-day vulnerability was attacked. It has been tested and confirmed to be inWindows10 32-bit systems are running, but we believe that with some modifications, we can see that it runs on all versions of Windows and has been "downward compatible" to Windows XP and Windows Server 2003.

according toMicrosoftThe vulnerability was not warned in advance, so the company must now race against time to resolve the issue. The next patch, Tuesday, is scheduled for mid-June, while attackers can use this window to attack systems around the world.

China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments