A dedicated security researcher with Twitter released proof of concept exploit for a new zero day vulnerability influencing Microsoft’s Windows operating system. We are talking about Sandbox Escaper, the same researchers who earlier dropped exploits for windows zero day vulnerabilities. This will leave all Window users exposed to the hackers until Microsoft patched them.
The newly exposed un patched windows zero-day vulnerability is an issue that allowed malicious content or a low-privileged user to read that file on specific targeted windows computer that would only be possible through administrator level privileges.
The Zero-day vulnerability dwells in Msi Advertise Product function of Windows which is responsible for developing an advertise script as well as advertising a product to the computer. Owing to improper validation, the impacted function force installer service into making a copy of file as privileges and comprehend its content, ensuing in arbitrary file read vulnerability.
As per come researcher, without an enumeration vector this still remains a bad news. As various document softwares like office keeps files in static locations which carry the full path and file names of recently opened documents. Therefore by reading files likes this, you can easily get the file names of documents crafted by other users. Also the file system is widespread and you can anywhere find the references to user-created files. This simply means not having an enumeration bug isn’t a big deal. In the past few months this was the third time Sandbox escaper had leaked Windows zero-day vulnerability.
In late August, the researchers revealed details and proof of concept exploit for a local privilege escalation mistake in Windows Task scheduler happened due to problems in the handling of the Advanced Local Procedure Call service. Just after the proof of concept released, the then Zero day vulnerability was found exploited in the wild.
If you have anything in mind and want to express your views and opinions about this topic, then you are free to share your feedback or comments below. Your piece of knowledge is valuable to us.