Jump to content

Windows 10 zero-day exploit code released online


Sampei.Nihira

Recommended Posts

https://www.zdnet.com/article/windows-10-zero-day-exploit-code-released-online/

 

Quote

However, ZDNet was told today that, in theory, the zero-day should also work, with some fine-tuning, on all Windows versions -- going back to XP and Server 2003 -- although this might require some testing and further confirmation over the coming days.

Can not run.

There is no Schtask.exe in System32.

In XP, it's mstask.exe.

Link to comment
Share on other sites


1 hour ago, Sampei.Nihira said:

https://www.zdnet.com/article/windows-10-zero-day-exploit-code-released-online/

 

Can not run.

There is no Schtask.exe in System32.

In XP, it's mstask.exe.

Sure there is (please read as "you have a "queer XP" :w00t:)

it is schtasks.exe

https://www.robvanderwoude.com/schtasksxp.php

and it is the command line program to manage tasks, the whole stuff is then delegated to the related task scheduler service, mstask.exe is windows 9x/Me:

https://en.wikipedia.org/wiki/Windows_Task_Scheduler

jaclaz

 

 

Link to comment
Share on other sites

On 5/22/2019 at 8:56 PM, Sampei.Nihira said:

In my opinion in XP Home the file is absent.

My PC with XP Home is therefore safe from the exploit.

 

Yes, it is not in Home edition.

jaclaz

Link to comment
Share on other sites

I'm not sure if this counts as a bug in XP or in Windows 10. The PoC uses schtasks.exe and schedsvc.dll from a Windows XP system on a Windows 10 system. Files from XP work on Windows 10, but when they do, they use priveledge escalation.

https://web.archive.org/web/20190522011933/https://github.com/SandboxEscaper/polarbearrepo/tree/master/bearlpe

Link to comment
Share on other sites

A possible future vulnerability based on that code.

It may be that it doesn't even work on Windows XP.;)

Interesting is the possibility offered by Novirusthanks OSA which has 2 specific rules:

Ab9fSRK6_o.jpg

Edited by Sampei.Nihira
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...