Luckily this particular nasty privilege escalation hack has been fixed and is part of the Windows Defender update released in the beginning of April 2019.
This hack was discovered by an anonymous hacker that goes by the name of Sandboxescaper.
NOTE: Task Scheduler is a component of Microsoft Windows that provides the ability to schedule the launch of programs or scripts at pre-defined times or after specified time intervals.
What a hacker needs to do to get escalated privilege on your machine is they need to call up an RPC function, “SchRpcRegisterTask“. This is a method that registers a task with the server.
You can do this by importing a legacy task file in the .job format that are written with arbitrary DACL. Arbitrary DACL writes allow a low-privileged user to change the system permissions, eventually, a local user gains complete control of the system.
This exploit was confirmed by many different security experts.
In order to keep yourself protected from this privilege escalation hack you will need to update your windows defender and your Windows OS.
To do so, go to the search at the bottom left of your Windows 10 screen. Type in "Check for Updates". A window will pop up that will allow you to choose to download any updates for Windows, this will also include any security updates that are for windows defender. Download and install the updates and then reboot your system. Your PC should now be protected from this vulnerability.
No comments:
Post a Comment