Windows 10 May Update hit by major zero-day vulnerability

Milan Stanojevic
by Milan Stanojevic
Deputy Editor
0 Comments
Download PDF

windows 10 v1903 zero day vulnerability

Microsoft recently rolled out a new Windows 10 feature update. Apparently, the company ignored a major security flaw that existed in Windows 10.

The flaw was spotted in advanced Task Scheduler settings. This vulnerability allows hackers to get complete administrative privileges over your files.

A researcher named SandboxEscaper first spotted the vulnerability and posted it online. The researcher took it to Github and posted the zero-day vulnerability on the platform.

As of now, Microsoft didn’t acknowledge the security flaw within the Task Scheduler. Once the company acknowledges the bug, a security patch will be available very soon.

Surprisingly, a Twitter user revealed the zero-day vulnerability targets those Windows 10 system that recently installed Windows 10 v1903. Furthermore, the user stated that anyone can easily exploit the vulnerability. 

SandboxEscaper also released a video to demonstrate the proof-of-concept (POC) attack. 

Notably, the researcher further claims to identify 4 additional flaws in the Windows 10 OS. One of these vulnerabilities allows the exploiter to bypass the security of sandbox. Microsoft needs to act fast and patch this vulnerability before it causes some serious damage. 

SandboxEscaper previously spotted several zero-day vulnerabilities. However, the user never informed Microsoft about the issues before releasing them.

Reddit users wanted her to first notify Microsoft about the issues.

Scary! Is there a reason she released it publicly? Wish she would at least notify Microsoft and give them a chance. At least these are just LPEs.

As far as the recent vulnerability is concerned, Microsoft is expected to release the necessary patches on Patch Tuesday.

RELATED ARTICLES YOU NEED TO CHECK OUT: