Security Sandbox Escape has detected a Windows vulnerability that allows system DLL deletion.
On Twitter, a security researcher named Sandbox Escape shared a new zero-day vulnerability discovery in Microsoft Windows that could allow system files to be exploited. Weaknesses affect all recent versions of Windows 10, including the most recent October 2018 update. On Twitter, Sandbox has introduced a proof-of-concept code on GitHub to show the holes of Asper’s popular operating system.
This is the second weakness discovered by the researcher two months apart. Explaining the story around the new vulnerability, SandboxEsper wrote in a separate tweet, “Not the same bug that I posted a while ago, it doesn’t write trash in files but actually deletes them. I mean you can delete application dll. [sic] And hopefully they will find them in a position where users are able to write. Or delete and hijack items used by system services c: windows \ temp. “
https://t.co/1Of8EsOW8z There is a low quality bug that is painful to exploit .. not yet patched. I’m done with all this anyway. Probably going to get in trouble now because of the breakup .. but whatever.
– SandboxEscaper (andSandboxEscaper) 23 October 2018
According to researchers, vulnerabilities affect the Microsoft Data Sharing Service (dssvc.dll), a local service for exchanging data between applications. When vulnerabilities are exploited, the attacker may get permission from the administrator to compromise the secure data on the computer. They can then delete the system DLL or replace it with malicious ones.
As mentioned in SandboxScaper’s tweet, the vulnerability is a low-quality one that is “a pain to exploit” and is still obsolete by Microsoft. Mitza Kolsek, CEO of ACROS Security and co-founder of 0Patch Sure The presence of weakness followed SandboxEscaper’s tweet. 0 patch then released a micropatch free for quick vulnerabilities and Tweet It’s about
