Somebody has found a prolem with Windows 10 and the task manager. It has been dubbed SandboxEscaper. The twitter user is of the same name, clearly an account designed to spread the news without disrupting the author’s main account.
Microsoft Windows task scheduler contains a vulnerability in the handling of Advanced Local Procedure Call, which can allow a local user to gain SYSTEM privileges,
Microsoft has not commented so far but we expect to see something soon.
It seems that hardly a day goes by where something is found requiring a fix. Its more interesting when it is tweeted and the public finds out about it before the security teams.
We cannot emphasise enough on how important it is to use the most up to date version of Windows 10. You should also drivers and other packages. The app store usually keeps apps updated but its not a bad idea to check to be sure its updated
Here is the alpc bug as 0day: https://t.co/m1T3wDSvPX I don’t fucking care about life anymore. Neither do I ever again want to submit to MSFT anyway. Fuck all of this shit.
— SandboxEscaper (@SandboxEscaper) August 27, 2018
Since posting this article, the original Twitter post has been deleted. Guess the workload on Twitter’s databases was more than they wanted to handle.