The web applications security researcher known as Sandbox Escaper has just publicly disclosed the details of a new zero-day vulnerability in the Microsoft Windows 10 and Windows Server 2019 operating systems.
This time, Sandbox Escaper revealed a new method to bypass Microsoft's patches for the CVE-2019-0841 vulnerability; the researcher had already published a first method a couple of weeks ago. This vulnerability would allow a low-privileged attacker to hijack files by overwriting the permissions on the targeted file.
In her report, Sandbox Escaper mentions that, if successfully exploited, this vulnerability would give the user full control, even when they are using a low-privileged account. Microsoft fixed CVE-2019-0841 with the April 2019 patch, describing it as a flaw in the Windows AppX Deployment Service, which improperly handles some links.
According to the web applications security expert, there is a second way to bypass the patches for the vulnerability, allowing a low-privileged attacker to hijack files they would otherwise not have access to.
This is a local privilege escalation vulnerability; in other words, attackers could exploit this flaw to gain access to various files they would otherwise have no control over. It is important to note that an attacker cannot gain access to a system by exploiting this vulnerability.
Although this is a new way of exploiting this vulnerability, Sandbox Escaper points out that there are more efficient ways to perform a local privilege escalation on Windows systems; she has herself discovered other, more effective methods.
This is the fourth zero-day flaw that the web applications security expert has revealed in the last month, according to specialists from the International Institute of Cyber Security (IICS); Microsoft is expected to release the corresponding patches as part of its update package scheduled for June 11.
The expert says that in the coming days she will publish the details of a new zero-day vulnerability in the Microsoft operating system; in addition to this recently reported flaw, other Sandbox Escaper reports include:
- A local privilege escalation in ALPC
- A local privilege escalation in Microsoft Data Sharing
- A local privilege escalation in the Windows Error Reporting system