A vulnerability in Microsoft Windows task scheduler could allow a local user to gain elevated (SYSTEM) privileges.
The privilege escalation vulnerability is in the task scheduler's Advanced Local Procedure Call (ALPC) interface and can allow a local user to obtain SYSTEM privileges, according to the Aug. 27 CERT advisory.
“Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges,” the advisory said. “We have confirmed that the public exploit code works on 64-bit Windows 10 and Windows Server 2016 systems.”
There is currently no practical solution to address the vulnerability.
Justin Jett, Director of Audit and Compliance for Plixer, told SC Media the vulnerability signals a need to be extra vigilant regarding network users' behavior.
“The PoC released by ‘researcher’ SandboxEscaper on Twitter gives malicious actors leverage needed to break into organizations to steal valuable information,” Jett said. “Network traffic analytics should continue to be used to detect anomalous traffic going across the network and to spot where users are behaving in a way that they historically don't.”
Jett added that such behavior could be a strong indicator that the glitch may already have been actively exploited. Ultimately, he said, organizations will have to wait for Microsoft's response to the vulnerability, but he stressed that if they were to wait until the scheduled September 11 Patch Tuesday release, threat actors would have a two-week window to exploit the vulnerability.