Posted on Leave a comment

VU#906424: Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC interface

The Microsoft Windows task scheduler SchRpcSetSecurity API contains a vulnerability in the handling of ALPC,which can allow an authenticated user to overwrite the contents of a file that should be protected by filesystem ACLs. This can be leveraged to gain SYSTEM privileges. We have confirmed that the public exploit code works on 64-bit Windows 10 and Windows Server 2016 systems. We have also confirmed compatibility with 32-bit Windows 10 with minor modifications to the public exploit code. Compatibility with other Windows versions is possible with further modifications. This vulnerability is being exploited in the wild.

Leave a Reply

Your email address will not be published. Required fields are marked *