A new zero-day Exploit Leaked to Bypass Already Patched Vulnerability (CVE-2019-0841)

A new zero-day Exploit Leaked to Bypass Already Patched Vulnerability (CVE-2019-0841)

An exploit broker and hacker, SanboxEscaper made a
comeback and published the details about a new zero-day which affects the already
patched local privilege escalation vulnerability, CVE-2019-0841 on Windows 10
and Windows 9 operating server.

The details of the zero-day have been published on GitHub and the
account and repository from which the details were leaked are the same as the
ones which attributed to the leaks of 8 other previously released zero-days. 

SandboxEscaper have
been actively involved in leaking zero-day exploits since August 2018, some of
the previously leaked zero-days are listed below:

LPE in Advanced Local Procedure Call (ALPC)
LPE in Microsoft Data Sharing (dssvc.dll)
LPE in the Windows Error Reporting (WER) system
LPE exploit in the Windows Task Scheduler process
Sandbox escape for Internet Explorer 11
Bypass of the CVE-2019-0841 protections
LPE targeting the Windows Installer folder

The hacker who recently exploited
CVE-2019-0841
vulnerability which was patched by Microsoft in April can further install
malicious programs, edit and delete data. The vulnerability can be executed
by deleting all files, folders, and subfolders in the Edge Browser.
Commenting on the matter, Will Dormann, Vulnerability
Analyst at the CERT/CC, says, “I’ve confirmed that this works on a
fully-patched (latest May updates) Windows 10 (1809 and 1903) system. This
exploit allows a normal desktop user to gain full control of a protected file.”
“Make sure you have multiple cores in your VM (not
multiple processors, multiple b coresb0 ).par. It’s going to increase the
thread priority to increase our odds of winning the race condition that this
exploits”
Basically, it requires the attacker to log in as a
local user and then execute this exploit which triggers the vulnerability, which
then allows the attacker to access and change system permissions and gain full control
of the system making him act as the admin.

Share this with Your friends:

Leave a Reply

Your email address will not be published. Required fields are marked *