|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
-
SandboxEscaper drops another Win10 0day on Twitter
Remember the Task Scheduler ALPC 0day dropped on Twitter at the end of August?
The same gal, @SandboxEscaper, just dropped another one. On Twitter. No forewarning. No chance for Microsoft to fix it.
Catalin Cimpanu has a good overview on ZDNet.
It’s another privilege elevation attack, which means the attacker has to be running on your machine before it kicks in, and the 0day can be used to change the running code from standard to admin.
The PoC, in particular, was coded to delete files for which a user would normally need admin privileges to do so. With the appropriate modifications, other actions can be taken, experts believe.
That makes it very mean, but not yet a potent attack.
Kevin Beaumon, @GossiTheDog, has taken a look at it:
https://twitter.com/GossiTheDog/status/1054847922452480002
I’ll update this post with the CVE number as soon as I have it.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Devices with apps using sprotect.sys driver might stop responding
by 1 hour, 49 minutes ago
-
Neowin – 20 times computers embarrassed themselves with public BSODs and goofups
by 3 hours, 17 minutes ago
-
Slow Down in Windows 10 performance after March 2025 updates ??
by 9 hours, 41 minutes ago
-
Mail from certain domains not delivered to my outlook.com address
by 12 hours, 7 minutes ago
-
Is data that is in OneDrive also taking up space on my computer?
by 1 hour, 30 minutes ago
-
Nvidia just fixed an AMD Linux bug
by 1 day, 14 hours ago
-
50 years and counting
by 1 hour, 53 minutes ago
-
Fix Bluetooth Device Failed to Delete in Windows Settings
by 20 hours, 45 minutes ago
-
Licensing and pricing updates for on-premises server products coming July 2025
by 2 days, 1 hour ago
-
Edge : Deprecating window.external.getHostEnvironmentValue()
by 2 days, 1 hour ago
-
Rethinking Extension Data Consent: Clarity, Consistency, and Control
by 2 days, 1 hour ago
-
OneNote and MS Word 365
by 2 days, 3 hours ago
-
Ultimate Mac Buyers Guide 2025: Which Mac is Right For You?
by 2 days, 3 hours ago
-
Intel Unison support ends on Windows 11 in June
by 2 days, 3 hours ago
-
April 2025 — still issues with AMD + 24H2
by 2 days, 3 hours ago
-
Windows 11 Insider Preview build 26200.5518 released to DEV
by 2 days, 15 hours ago
-
Windows 11 Insider Preview build 26120.3671 (24H2) released to BETA
by 2 days, 15 hours ago
-
Forcing(or trying to) save Local Documents to OneDrive
by 3 days ago
-
Hotpatch for Windows client now available (Enterprise)
by 2 days, 11 hours ago
-
MS-DEFCON 2: Seven months and counting
by 1 day, 12 hours ago
-
My 3 monitors go black & then the Taskbar is moved to center monitor
by 3 days, 8 hours ago
-
Apple backports fixes
by 2 days, 15 hours ago
-
Win 11 24H2 will not install
by 1 day, 13 hours ago
-
Advice to convert MBR to GPT and install Windows 11 Pro on unsupported PC
by 6 hours, 55 minutes ago
-
Photos from iPhone to Win 10 duplicating/reformatting to .mov
by 1 day, 21 hours ago
-
Thunderbird in trouble. Here comes Thundermail
by 9 hours, 23 minutes ago
-
Get back ” Open With” in context menus
by 3 days, 23 hours ago
-
Many AMD Ryzen 9800X3D on ASRock have died
by 2 days, 15 hours ago
-
simple general stupid question
by 3 days, 21 hours ago
-
April 2025 Office non-Security updates
by 4 days, 14 hours ago
Remembering Woody
