Our forums are currently in maintenance mode and the ability to post is disabled. We will be back up and running as soon as possible. Thanks for your patience!



Windows ALPC zero-day has been exploited in the wild for a week

By tcavadias Staff ·
Two days after a security researcher released details and proof-of-concept code about an unpatched Windows zero-day, one malware group had already incorporated the vulnerability in their exploit chain and was attempting to infect users around the globe.

In OS versions released after Windows 7, the ALPC function does not properly check user permissions when interacting with files stored in the Windows Task Scheduler folder. An attacker using the PoC released on Twitter/GitHub can elevate a normal user's permission level from USER to SYSTEM.

Have you been impacted by this exploit? Let us know in the comments below!

Read ZDNet's Full Article: Recent Windows ALPC zero-day has been exploited in the wild for almost a week

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums