A security researcher, nicknamed SandboxEscaper, announced the fifth zero-day vulnerability since August last year. The new vulnerability exists in Windows 10’s Task Scheduler and will allow local hackers to extend general privileges to administrative privileges.
SandboxEscaper boasted on Tuesday, “I have four more unpatched bugs where that one came from. Three LPEs [local privilege escalations], all gaining code exec as system, not lame delete bugs or whatever, and one sandbox escape.”
Due to the continuous release of zero-day vulnerabilities in Windows, SandboxEscaper’s Twitter account was stopped at the end of December last year and has not been restored yet. However, SandboxEscaper continues to publish its research results through blogs and GitHub, and released evidence of the attack display video.
In addition to this task scheduler vulnerability, SandboxEscaper also said that it still has four other vulnerabilities, three of which are local-side privilege expansion vulnerabilities, which can extend permissions to administrative privileges, and the other is sandbox escape vulnerability.
SandboxEscaper said that her expertise lies in discovering Windows’s local-side privilege expansion vulnerability. She seems to be unfriendly to Microsoft because it expresses welcome to all parties to offer prices, rather than providing these vulnerabilities to vendors. Actually, SandboxEscaper has a reputation for releasing exploit code without any prior disclosure to Microsoft. It is reported that the price of a single vulnerability is not less than 60,000 US dollars.
“If any non-western people want to buy LPEs, let me know. (Windows LPE only, not doing any other research nor interested in doing so). Won’t sell for less then 60k for an LPE. I don’t owe society a single thing. Just want to get rich and give you fucktards in the West the middle finger,” SandboxEscaper said.
Published by & last updated on May 24, 2019 1:36 am