Microsoft Windows task scheduler 0-day outed on Twitter

Angled Microsoft logo

A privilege escalation bug has been discovered in Windows' task scheduler and revealed on Twitter. A proof-of-concept has been published, and the vulnerability has been confirmed to be present in a "fully-patched 64-bit Windows 10 system".

The security flaw was exposed on Twitter by user SandboxEscaper -- who has since deleted his or her account. An advisory about the vulnerability has been posted on CERT/CC, and Microsoft says that it is working to fix the problem.

In a tweet posted from a now-deleted account, @SandboxExplorer linked to a proof-of-concept on GitHub saying: "Here is the alpc bug as 0day: I don't fucking care about life anymore. Neither do I ever again want to submit to MSFT anyway. Fuck all of this shit."

Shortly afterwards, CERT/CC vulnerability analyst Will Dormann confirmed the existence of the problem:

Noting that there is no practical solution available to the problem at the moment, a posting on CERT/CC explains that:

Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges.

The Vulnerability Note VU#906424 post goes on to say:

Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges.

It adds:

A local user may be able to gain elevated (SYSTEM) privileges.

In a statement given to the Register, a spokesperson for Microsoft said it would "proactively update impacted advices as soon as possible".

Image credit: spatuletail / Shutterstock

© 1998-2020 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.