// Hacking NEWS // Windows 10: a New Zero-Day Flaw Published On The Internet

in #news5 years ago

The researcher SandboxEscaper discovered a second way to bypass a patch that Microsoft published last April. It allows an attacker to obtain System privileges on a machine.

Capture d’écran (58).png

After wildly publishing a series of four zero-day vulnerabilities last month, the security researcher SandboxEscaper decided to return to work.

She has just published the details of a new attack called "ByeBear". This targets the Windows AppX Deployment service and allows the software to obtain system privileges.

The underlying flaw (CVE-2019-0841) had already been fixed last April by Microsoft, but ByeBear allows to work around this patch. This is the second time the researcher has undermined this patch.

Her attack entitled "CVE-2019-0841-BYPASS", which she published last month, was already shattering it. Below is a demonstration video, retrieved by Hacker News.

"This bug is most definitely not restricted to the edge. This will be triggered with other packages too. So you can definitely figure out a way to trigger this bug silently without having edge pop up. Or you could probably minimize edge as soon as it launches and closes it as soon as the bug completes", SandboxEscaper explains.

According to ZDnet, the researcher intends to publish a new zero-day vulnerability in the coming days. But nothing could be less certain. The expert has since locked her blog, after saying she wants to sell her zero-day rather than publish them for free.

But she had already made similar comments last month. It is therefore difficult to take this seriously. Moreover, as researcher Eliott Anderson points out, no one really wants to buy zero-day tickets from such an unstable and unpredictable person. The reasons for SandboxEscaper's actions remain a mystery.

Nobody is buying 0day from an unstable person. You need to trust the seller and if there is a possibility that the seller will publish the 0day on Github without warning it's a no go. - Elliot Alderson (@fs0c131y) June 9, 2019

Sources: ZDnet, Hacker News

Stay Informed, Stay Safe

DQmdpsoEfLe5nRg4Q1oKWHNjLdMnAucCYfRou1yF5Yiwrzs.png

DQmNuF3L71zzxAyJB7Lk37yBqjBRo2uafTAudFDLzsoRV5L.gif

Sort:  

Immensely thought out! Whoa.

Coin Marketplace

STEEM 0.36
TRX 0.12
JST 0.040
BTC 70744.80
ETH 3561.94
USDT 1.00
SBD 4.80