Windows task scheduler 0-day vulnerability exploit code published

A local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface of Windows task scheduler was discovered. 

The Windows task scheduler ALPC 0-day vulnerability can allow a local user to gain SYSTEM level privileges. 

The vulnerability was disclosed by security researcher SandboxEscaper and proof-of-concept (PoC) exploit code was published on GitHub.

The threat as described by the CERT Coordination Center (CERT/CC): 

“Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges. We have confirmed that the public exploit code works on 64-bit Windows 10 and Windows Server 2016 systems. Compatibility with other Windows versions may be possible with modification of the publicly-available exploit source code.”

Neither a patch nor workaround was yet available at the time of the CERT/CC advisory last updated on Wednesday. 

Leave a Reply

Your email address will not be published. Required fields are marked *