Sandbox Escape Vulnerability Discovered in Microsoft Windows

Dr Irving Hofman

A serious flaw has been discovered in Microsoft's Task Scheduler that allows a local user to obtain system privileges. There is currently no practical solution to address the vulnerability.

A working proof of concept is already available on GitHub. It affects Windows 10 and Server 2016. Older operating systems may also be affected. The vulnerability allows an attacker to elevate the access level of malicious code from a restricted user role to a full-access system account by way of the Advanced Local Procedure Call (ALPC) interface, which is part of the Windows Task Scheduler.

The vulnerability was announced on Twitter and has taken everyone by surprise. Microsoft has not had time to address the issue yet. Microsoft's next security updates aren't scheduled until September 11. Will they release an emergency patch before then?

Once again, this highlights the importance of having a comprehensive arsenal of complementary security systems to protect yourself from malware, data breaches and the like. This is currently the only line of defense you have to protect your systems from this major security flaw. It better be a strong one!
