Windows ALPC zero-day has been exploited in the wild for a week - TechRepublic
Alert
September 5, 2018 at 11:05 PM

by Tammy.Cavadias . Updated 7 years, 9 months ago

Two days after a security researcher released details and proof-of-concept code about an unpatched Windows zero-day, one malware group had already incorporated the vulnerability in their exploit chain and was attempting to infect users around the globe.

In OS versions released after Windows 7, the ALPC function does not properly check user permissions when interacting with files stored in the Windows Task Scheduler folder. An attacker using the PoC released on Twitter/GitHub can elevate a normal user’s permission level from USER to SYSTEM.

Have you been impacted by this exploit? Let us know in the comments below!

Read ZDNet’s Full Article: Recent Windows ALPC zero-day has been exploited in the wild for almost a week (https://www.zdnet.com/article/recent-windows-alpc-zero-day-has-been-exploited-in-the-wild-for-almost-a-week/#ftag=TRC-03-10aab6d)
