Windows 10 zero-day vulnerability revealed, with more to come

Windows 10
Image credit: Microsoft (Image credit: Microsoft)

Windows 10 has another zero-day vulnerability, as discovered by a security researcher who specializes in finding bugs in Microsoft’s operating system – and has previously publicly outed them without warning before.

The unpatched vulnerability highlighted by SandboxEscaper has been confirmed to work on Windows 10 (32-bit) systems, as reported by ZDNet. Furthermore, with some tweaking, it could theoretically be leveraged against any version of Windows (going as far back as Windows XP).

Utilizing a bug in the Task Scheduler in Windows, this is a local privilege escalation security flaw, meaning it can be used by a hacker to raise an account with low-level privileges on a PC to a full admin account (in other words, allowing them to do anything on the victim’s computer).

Note, however, that this security flaw can’t be used to gain access to a PC. It’s an exploit for malicious parties who have already hacked their way onto a computer, and a way for them to subsequently elevate their privileges to be able to do more.

Even so, this is obviously something Microsoft needs to address swiftly, and will perhaps be patched in the next round of security updates to arrive in June.

More where that came from

As we mentioned at the outset, SandboxEscaper is renowned for being a thorn in Microsoft’s side, and in October 2018 she released details of a bug that can also be abused to elevate privileges on a system, and drew attention to a similar flaw back in August 2018.

More worryingly, she has also claimed that she’s found four further unpatched bugs in Windows, so we can expect more revelations in the pipeline fairly soon, no doubt.

SandboxEscaper previously highlighted these bugs on Twitter, but seemingly has had several of her Twitter accounts suspended in the past.

Via MSPowerUser

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).

Latest in Windows
Printer
No, your printer isn't possessed: a Windows 11 23H2 bug could be making it print random characters when connected via USB
Man having Windows 11 problems with his laptop
Fed up of adverts creeping into Windows 11? You won’t like Microsoft’s latest update, then, although it does provide some important bug fixes
Acer Aspire 14 AI laptop display showing the Windows 11 login screen
Shock, horror – I’m not going to argue with Microsoft’s latest bit of nagging in Windows 11, as this pop-up is justified
A laptop on a desk with the Windows 11 background on its screen.
Microsoft is adding image editing and compression to its Windows Share feature - and I couldn't be happier
AOC Agon Pro AG276FK gaming monitor tilted slightly to the side, showing the Windows desktop screen
Windows 11 users get ready for more ‘recommendations’ from Microsoft – but I’m relieved to say these suggestions might actually be useful
Microsoft Store logo on a blurred background
There's finally a fix for an annoying Microsoft Store bug that's older than Windows 11
Latest in News
UK Prime Minister Sir Kier Starmer
UK PM says AI should soon replace civil servants
The Steam Logo on a mobile phone in front of a wall of games.
Today’s Steam Spring Sale features my absolute favorite game of all time - here's when the sale starts and all the key info
Apple iPhone 16 Pro Max REVIEW
The latest iPhone 17 Pro Max leak may have given us another look at its upcoming redesign
Half-Life running on a smartwatch
This Redditor installed a game engine on their smartwatch, and now it runs Doom, Quake, and Half-Life
Samsung Galaxy Z Fold 6
The Samsung Galaxy Z Fold 7 could be in line for a Galaxy S25 Ultra-level camera upgrade
Best Google Chromecast Apps
Following recent problems, Chromecasts are getting a free update to Android 14 – here's what that means