There has been found a vulnerability in Microsoft Windows task scheduler. The local privilege escalation vulnerability exists in the Advanced Local Procedure Call (ALPC) interface. By exploiting the vulnerability a local user can obtain SYSTEM privileges of the affected system.
Currently there is no official patch available for the vulnerability. Acros Security has published an unofficial micropatch against the vulnerability for fully updated 64bit Windows 10 version 1803 and fully updated 64bit Windows Server 2016. It's always good to remember that if unofficial patch/workaraound is used then it should be considered only a temporary solution and removed when the official patch by Microsoft becomes available.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment