Security Researcher Reveals Windows 10 Zero-Day Vulnerability

A security researcher has recently revealed a major Windows 10 vulnerability that could potentially give a hacker full access to a computer.

The researcher, who goes by the GitHub handle SandboxEscaper, said that the exploit had been successfully tested on machines running the 32- and 64-bit versions of Windows 10.

Allegedly, a tweaked version of a kernel-level driver file can also be employed to take control of computers running Windows 7 and 8.

What is this zero-day vulnerability?

According to GitHub user SandboxEscaper, the hacker would need to be in front of the computer in order for the exploit to work. Although user accounts prevent tampering with certain sensitive functions, a hacker could take advantage of something called “local privilege escalation.” It’s exactly what it sounds like: overriding user privileges and gaining control over the entire system.

SandboxEscaper said that he stumbled upon the issue while he was messing around with Windows’ Task Scheduler. Now, in order to take control of the system, the hacker would have to be in front of your computer.

Then he would need to create an infected .job file and delete it. The next step would be to point one high-level kernel-level driver to the location where the deleted file was in the first place.

To override existing privileges, the hacker only needs to recreate the same task in Windows’ Task Scheduler in order to smuggle an infected but low-privilege process into the computer’s system kernel.

On paper, it sounds rather far-fetched, not to mention time-consuming. The truth of the matter is that the above-mentioned steps can be recreated in a matter of minutes, and the impact could be devastating.

So far, no users have reported information leaks, but that’s no reason to let it pass. Unfortunately, despite SandboxEscaper’s warnings, Microsoft has yet to patch this bug. Until this is resolved, users have no other choice but to lock up their computers before leaving.

Is my computer at risk?

Will Dormann, another security researcher, pointed out that the architecture does not really make any difference.

In reviewing SandboxEscaper’s GitHub code, Dormann tried to recreate the infected file on a machine running the 64-bit version of Windows (the GitHub user was only able to test it out on Windows 10 32-bit). Unfortunately, it worked. Reportedly, the same issue affects machines running Windows 8 and XP.

There’s nothing you can do in order to counter this vulnerability. Until Microsoft finds a way to patch it, your computer is at risk. Obviously, the best thing to do would be to keep an eye on your PC and to install the latest security updates.

If your desktop or laptop comes with a smart camera, then you might want to consider beefing up your security by activating Windows’ facial recognition feature. The fingerprint sensor can also add an extra layer of security, but not all PCs have one.

Wrap-up

Is this a major reason for concern? Yes, it is. Imagine that someone can take full control of your computer by fooling it. So, install updates and keep an eye on your machine.

What’s your take on Windows 10’s zero-day vulnerability? Head to the comments section and let us know.

About Daniel Sadler

Old-school PC gamer, poetry buff, cat lover, tech wiz. His writing career began almost two decades ago when he modestly acknowledged that hindsight or, lack thereof, can compromise security. He enjoys spending quality time with his friends and family. Most of his friends refer to Daniel as a "man of a few words, but, man, what words!" His interests include cybersecurity, IT, blogging, and, of course, everything related to technology.
