Windows 10 May 2019 Update Doesn’t Tackle A Significant Vulnerability

The latest major update for Windows 10, Windows 10 May 20019 Update, was released recently, but a major problem has surfaced. The new update doesn’t contain any patch for one of the most important security flaws, linked to the Task Scheduler feature. By gaining control over the Task Scheduler, a malicious entity may be able to obtain full administrator rights over the target system.

The security bug was discovered by a hacker known under the moniker of SandBoxEscaper. It seems that the exploit offers a huge potential for nefarious purposes. In an interesting move, the hacker decided to share the information about the bug on GitHub, an open software repository which was recently bought by the Redmond giant. The post is accompanied by a proof-of-concept (or PocC) code, which proves that the vulnerability is real.

The security exploit has been classified an in the zero-day category, but Microsoft didn’t offer any official reaction. It is likely that the company is working on a patch which should address the vulnerability.

Windows 10 May 2019 Update Doesn’t Tackle A Significant Vulnerability

Tech-savvy users will now that the Task Scheduler is one of the most famous components for the popular operating system, with the first version of the tool being introduced with Windows 95. The tool became quite popular, and Microsoft has decided to add in all the Windows versions which have been released after Windows 95. Over the years the tool has received major improvements, and it can launch and execute programs and scripts at a predefined time or time interval.

Unlike other system features, the program doesn’t need to obtain system permission before a task is completed. This trait allows entities to exploit an arbitrary DACL (Discretionary Access Control List) permission. It is thought that even a weaker program or an attacker with limited privileges can use a modified .job file to gain system privileges.

When this goal is achieved, malware can be used to infect the system and gain access to sensitive files and features. It is hoped that Microsoft will fix the issue in the following days.

Be the first to comment

Leave a Reply

Your email address will not be published.