Windows 0-day pops up out of (nowhere) Twitter
Windows 0-day pops up out of nowhere Twitter
Local privilege escalation in procedure calls
It's not bad enough to take Microsoft out-of-cycle, but CERT/CC has just put out a warning of a new privilege escalation bug in Windows.
According to the Tweet that set the hounds running, it's a zero-day with a proof-of-concept at GitHub.
CERT/CC vulnerability analyst Phil Dormann quickly verified the bug, Tweeting: “I've confirmed that this works well in a fully-patched 64-bit Windows 10 system. LPE right to SYSTEM!” (LPE – local privilege escalation – El Reg).
CERT/CC has finished its more formal investigation, and has just posteda vulnerability note.
“Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges”, the advisory stated.
ALPC, Advanced Local Procedure Call, restricts the impact somewhat, since it's a local bug.
However, it opens an all-too-familiar attack vector: if an attacker can get a target to download and run an app, local privilege escalation gets the malware out of the user context up to (in this case) system privilege. Ouch.
The vulnerability note says: “The CERT/CC is currently unaware of a practical solution to this problem.”
Responding to The Register's e-mail inquiry, a Microsoft spokesperson it will “proactively update impacted advices as soon as possible”, and pointed to its Update Tuesday schedule.
Source: theregister
Latest Jobs
-
- Professional Services Security Engineer
- United Kingdom
- £65,000
-
Professional Services Security Engineer with current checkpoint experience is needed for the UK focused client facing implementation/migration, configuration position. The role will be utilising the latest versions of Checkpoint, so someone accredited with either CCSA or CCSE, on at least version R80 is ideal. The Professional Services Security Engineer must have current technical implementation experience using Checkpoint, however, I would look at someone with strong firewalling experience around other vendors such as Palo Alto and Fortinet. Being a multi-vendor professional services business, there is scope for this person to receive training and experience within other vendors. This is a UK wide role, the company in question has 2 offices across the UK, however, there is scope for this person to be home based when not on client site. Vendor training and exposure actively promoted.
-
- eDiscovery / Forensic Consultant, London, £65,000
- London
- £65,000
-
Senior eDiscovery / forensic consultant needed to join a business is recognised for helping top tier clients across eDiscovery, Forensics, Incident Response, Advisory etc. Known the for quality, consistency of work throughout the world. This individual MUST be London based, client facing with deep technical hands on experience with eDiscovery / forensic tools, techniques and best practice. Hands on experience using Relativity is essential. The position is split between engaging with client stakeholders to provide consultancy, technical engaging to identify, preserve, collect, process, review and produce electronically stored information in litigation and manage / provide support for the other internal business functions. This will include, but not be limited to; manging client engagements, collecting / processing data within Relativity, delivering / providing guidance customisation on reports, advising clients. Any of the following certifications are highly desirable. • Relativity Certified Administrator (RCA) • Relativity Processing Specialist • Relativity Analytics Specialist Travel to client site will be involved. Fluency in multiple European languages is highly desirable. All details kept in the strictest of confidence. Contact me on Chris.holt@dclsearch.com 07884666351 or 02086634030
-
- Public Sector Sales Consultant, Cyber, London, 140 OTE +, Uncapped earnings!
- London
- Up to £140,000 OTE
-
Public Sector Sales Consultant is needed in London as a new hire into a cybersecurity services, solutions and advisory business. Ideally, the Public Sector Sales Consultant should have experience selling cyber solutions, services and advisory but this is not essential. (Training can be provided) What is essential is the sales consultant must have a successful history overachieving against target selling into the Public Sector (Healthcare, Defence, Emergency Services, Government etc.).. This target for this opportunity will be £1.3m. The role will be split in delivering NEW BUSINESS into existing accounts (account management through existing partners, framework, direct etc) and new Logo NEW business. A full suite of solutions is available to the successful Public Sector Sales consultant. More importantly, there is an Uncapped earning for overachievement. A KEY requirement is an ability for the individual to achieve UK security clearance- UK passport holder is a must. There is a strong preference for will be given to those that already have clearance. Training, development, support and a warm inviting team. All details kept in the strictest of confidence. Ref: CH7497
-
- Partner Sales Director
- Germany
- Up to €165,000 Base + Double OTE
-
We are currently working on behalf of a global cybersecurity provider who are currently looking for a Partner Sales Director in Germany. The Partner Sales Director will be responsible for the go to market strategy for current Cyber Security OEM’s and new alliances across EMEA and CALA. Other responsibilities include; Sales strategy development and implementation, Partner development, Sales leadership etc. Experience Required Must have current experience in a sales leadership role specialising in Cyber Security (vendor experience with Cisco, Check Point etc.) Proven sales record of being able to lead, grow teams and exceed expectations. This individual MUST be based in Germany Ref: BD7496 (Partner Sales, Alliances Sales, Cyber Security Sales Jobs)