A Security Researcher named @SandboxEscaper disclosed a Zero-day in Windows that allowed for a privilege escalation. The vulnerability occurs due to the Windows’ task scheduler program and links to the error handling of Advanced Local Procedure Call (ALPC) System.
For More Information Visit: Microsoft Windows Zero-Day
When is Microsoft going to address the update?
The company has planned to push a security patch to the September 11th build of the Windows Operating System but in the meantime, a patch was released by the Opatch Community. Opatch is a community of security experts who address software security flaws. The community is famous for developing patches that are less than 30 bytes in size. The community has released the fix within 24 hours after the public disclosure of the vulnerability, the patch is only 13 bytes in size.
Okay people, 24 hours after the 0day was published we have a micropatch candidate for @SandboxEscaper's LPE in Task Scheduler. As you can see, scheduler's access to user-controlled hardlink is impersonating the user and gets ACCESS DENIED. pic.twitter.com/3kHcXdY42H
— 0patch (@0patch) August 28, 2018
Experts validated and verified the micro patch for @SandboxEscaper LPE task scheduler and its currently working for the 64-Bit Windows 10 1803.
“As the researcher’s POC shows, one can use this vulnerability to replace a system executable file and wait for a privileged process to execute it. In particular, it was shown that a printing-related DLL could be replaced and then performed by triggering the Print Spooler Service to load it,” reads the analysis published by 0patch.
Is this a permanent fix?
This is just a temporary fix, Windows users are advised to apply the official Microsoft updates as one becomes available. Opatch has also warned of unexpected errors that will be caused by the unofficial fix they have released.
Microsoft’s update will not only fix this problem in a more informed way but will also bring fixes for other vulnerabilities that we don’t have micro patches for. Yes, we hate losing hours of our lives to updating our systems too, but wouldn’t dream of outright replacing official updates with our micro patches” concludes oparch.
Take your time to comment on this article.