News Centre

Hacker Reveals New Zero-Day Windows Exploit Via Twitter Post!

Article by Diogo Correa
October 25, 2018

SHARE THIS POST:

Microsoft-Vulnerability-Tech-Patrol

He has done it again. Two months ago a “security researcher” who goes by the Twitter alias @SandBoxEscaper publicly dropped a zero-day exploit which showed a vulnerability residing within the Microsoft Jet Database Engine which allows an attacker to remotely execute malicious code on any vulnerable windows computer. Yesterday @SandboxEscaper did it again by releasing another proof-of-concept exploit for a new Windows zero-day vulnerability.

SandBoxEscaper has posted a link to a Github page hosting a proof-of-concept (PoC) exploit for the vulnerability that appears to be a privilege escalation flaw residing in Microsoft Data Sharing (dssvc.dII). This data sharing service runs as a LocalSystem account that provides brokering between applications whilst also giving extensive privileges.

sandboxescaper twitter post

The Data Sharing Service (DSS) provides data brokering between applications along with a local service that runs as LocalSystem account with extensive privileges.

 

 

Why Should I Be Worried?

This flaw will allow a low-privileged attacker to elevate privileges on a target system, though the PoC exploit code (deletebug.exe) released by the “researcher” only allows a low privileged user to delete critical system files – that otherwise would only be possible via admin level privileges.

“Not the same bug I posted a while back, this doesn’t write garbage to files but actually deletes them.. meaning you can delete application dll’s and hope they go look for them in user write-able locations. Or delete stuff used by system services c:\windows\temp and hijack them,” the researcher wrote.

There is one positive (sort of) this vulnerability does not affect later versions of Windows operating systems including 7 or 8.1. 👏👏👏👏👏

This PoC exploit has successfully been tested against fully-patched Windows 10 systems:


Not only has SandBoxEscaper leaked a second Windows zero-day vulnerability in less than two months, but this irresponsibility has also once again left all Windows users vulnerable to hackers until the next month’s security patch Tuesday, which is scheduled for November 13 2018.

If you need assistance please contact us as soon as possible.

 

Other Articles That May Interest You:

Share your thoughts in the Comments section:

Subscribe For The Latest In Technology

Other Posts You May Like

TECH NEWS & UPDATES

Please enter your name.
Please enter a valid email address.
Something went wrong. Please check your entries and try again.

RECENT POSTS

Microsoft Azure

Introduction to Azure – A Core Cloud Service

Microsoft Responds to COVID-19

Microsoft Responds To COVID-19 By Offering E1 Licenses Free For The Next 6-Months

teams_video_calls_intelligent_workplace

Microsoft Teams vs Zoom. What is right for your business?

Microsoft Azure

Azure Firewall Manager now supports virtual networks.

White Paper

Enjoy this free eBook

Tech Patrol - Microsoft Office 365

White Paper (Why businesses Are Migrating to Cloud)

  • This field is for validation purposes and should be left unchanged.
hacker-reveals-new-zero-day-windows-exploit-via-twitter-post-tech-success
Scroll to Top