SoylentNews

martyb [soylentnews.org] writes:

SandboxEscaper Drops Three More Windows Exploits, IE Zero-Day [threatpost.com]:

On the heels of releasing a Windows zero-day exploit on Wednesday, developer SandboxEscaper has dropped exploit code for four more flaws on Thursday morning.

On Wednesday, she dropped a Windows zero-day exploit that would allow local privilege-escalation (LPE), by importing legacy tasks from other systems into the Task Scheduler utility – and she promised four more unpatched bugs [threatpost.com] while she was at it.

SandboxEscaper held true to that promise, on Thursday releasing [github.com] on GitHub the proof-of-concepts (PoCs) for another three Windows LPE flaws, and a sandbox-escape zero-day vulnerability impacting Internet Explorer 11. One of them however turns out to already be patched.

The exploits:

[...] a Windows Error Reporting [github.com] (WER) bug (CVE-2019-0863 [microsoft.com]), was actually patched earlier this month in Microsoft’s May Patch Tuesday fixes

[...]zero-day impacting Internet Explorer 11 [github.com], which could enable bad actors to inject a dynamic link library (DLL) into Internet Explorer."

[...]a bypass for a previously released patch addressing a Windows permissions-overwrite, privilege-escalation flaw (CVE-2019-0841 [krbtgt.pw])."

[...]A final flaw is an “installer bypass [github.com]” issue in Windows update

Not just one's own personal machines need to be considered; it's all the other Windows-based systems that we interact with, too. Might be best to hold off on non-essential transactions for a while?

Original Submission