Windows 10 and IE11: zero-day exploits available

A first zero-day exploit was announced for Windows 10, but the worst thing is that four additional zero-day flaws could have been announced shortly. A few hours later an exploit further sees the light, hitting IE11 in this case and leaving two further exploits in the pipeline. Everything therefore suggests that in the next few hours the release process will continue until exhaustion.

Read More Stories: Linux gets CPU frequency scaling for Raspberry Pi

The signature is that of ” SandboxEscaper “, which would sell its discoveries to oriental users for a price equal to 60 thousand dollars. In other words, there is certainly no hacker ethics behind the discovery: the goal is to scare, disrupt and monetize. Hence the absence of any signaling through official channels and, instead, the direct arrival of the first vulnerability to illustrate how serious the impact of an exploit based on the others still may be. For SandboxEscaper this is yet another action of this type, all within a few months, some of which have serious potential.

Read More Stories: Google Duplex: Machine reservation often needs human help

The first problem is related to a possible ” Local Privilege-Escalation ” attack following a vulnerability in the Windows 10 Task Scheduler. In this case the gravity is extreme because it allows to access the system with maximum privileges, therefore being able to take full device control.

Read More Stories: Huawei: the alternative to Android already in the fall?

The second exploit, brought online with a lot of demonstration video, is related to the Internet Explorer 11 browser and would be low impact since it can not be practiced remotely.

It is now necessary to understand how diligently Microsoft will be able to put a patch to these new problems, even considering how the June patch day is now imminent and the group rarely runs for cover, hastening the pace.

Read More Stories: Support for Python 2 ends in 2019, and it’s high time for developers to take action

SHARE
Previous articleLinux gets CPU frequency scaling for Raspberry Pi
Next articleNASA is giving Boarding Passes to Mars Until the end of September of this year
Aakash Molpariya
Aakash started in Nov 2018 as a writer at Revyuh.com. Since joining, as writer, he is mainly responsible for Software, Science, programming, system administration and the Technology ecosystem, but due to his versatility he is used for everything possible. He writes about topics ranging from AI to hardware to games, stands in front of and behind the camera, creates creative product images and much more. He is a trained IT systems engineer and has studied computer science. By the way, he is enthusiastic about his own small projects in game development, hardware-handicraft, digital art, gaming and music. Email: aakash (at) revyuh (dot) com

LEAVE A REPLY