A local privilege escalation vulnerability has been discovered in the Advanced Local Procedure Call (ALPC) interface of the Windows task scheduler.
The Windows task scheduler ALPC 0-day vulnerability can allow a local user to gain SYSTEM-level privileges.
The vulnerability was disclosed by security researcher SandboxEscaper, and proof-of-concept (PoC) exploit code was published on GitHub.
The threat as described by the CERT Coordination Center (CERT/CC):
“Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges. We have confirmed that the public exploit code works on 64-bit Windows 10 and Windows Server 2016 systems. Compatibility with other Windows versions may be possible with modification of the publicly-available exploit source code.”
At the time of the CERT/CC advisory, last updated on Wednesday, neither a patch nor a workaround was available.