Microsoft Windows Task Scheduler zero-day and PoC exploit disclosed via Twitter
There’s a Windows zero-day in the wild thanks to Twitter user “SandboxEscaper” who revealed the local privilege escalation vulnerability and proof-of-concept exploit via Twitter. The researcher, who claims to be tired of IT security work, added:
Ps: Microsoft is stupid and I can’t wait to sell bugs in their software.
— SandboxEscaper (@SandboxEscaper) August 27, 2018
After tweeting about the local privilege escalation vulnerability in the ALPC interface for Microsoft Windows task scheduler, and linking to the PoC on GitHub, SandboxEscaper claimed she or he would be “gone” for a bit.