Items tagged with sandboxescaper

SandboxEscaper is at it again, releasing another zero-day exploit into the wild without giving Microsoft a heads up before publication. If you recall, SandboxEscaper doesn't think too highly Microsoft and has published other zero-day vulnerabilities affecting the company's software dating back to the summer of 2018. The latest exploit leverages local privilege escalation (LPE) to compromise the Windows 10 task scheduler. If you recall, SandboxEscaper used a similar method to exploit the task scheduler back in August. According to the description of the vulnerability posted to GitHub, a malicious .job file targeting the task scheduler is the springboard for this latest attack. We... Read more...