A zero-day vulnerability that could give an attacker escalated privileges on Windows systems was disclosed today. Initially revealed by Twitter user SandboxEscaper, who posted a proof-of-concept to their GitHub, the vulnerability has since been verified by US-CERT.
According to US-CERT, the exploit is rooted in the Windows task scheduler, and it has been confirmed to work on 64-bit Windows 10 and Windows Server 2016 systems. From US-CERT:
Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges.
There's no known solution to the problem yet, and it currently works on fully-patched systems. However, Microsoft said in a statement to The Register that it will "proactively update impacted devices as soon as possible." A fix is most likely to arrive during Microsoft's next Patch Tuesday cycle, scheduled for September 11.
PS5 games prices are higher than Xbox — but is that a good thing?
Sony's PlayStation 5 reveal came with some big caveats, and one of the most overlooked ones is the fact that games will be more expensive, seemingly across the board. Should Microsoft and Xbox jump on that train as well?
Review: Gigabyte's Z490 AORUS ULTRA is a gorgeous Intel motherboard
Gigabyte's Z490 AORUS ULTRA is a motherboard you should consider for a 10th or 11th Gen Intel-powered PC. On paper, it has plenty going for it, including amazing power design and cooling, passively cooled M.2 slots and good overclocking support.
You can get the Windows 10 October 2020 update early – here's how
In this guide, we'll show you the steps to upgrade your computer to the final release of the Windows 10 October 2020 Update before it's officially available to everyone.
The NFL is back! Check out these must-have Windows apps for football fans
After months of waiting through a unique offseason and no preseason games, the NFL is finally back this week. With these Windows 10 apps, you won't miss a snap of the NFL action.