[Oct 25, 2018]
A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler—has yesterday released another proof-of-concept exploit for a new Windows zero-day vulnerability.
SandboxEscaper posted a link to a Github page hosting a proof-of-concept (PoC) exploit for the vulnerability that appears to be a privilege escalation flaw residing in Microsoft Data Sharing (dssvc.dll).
The Data Sharing Service is a local service that runs as LocalSystem account with extensive privileges and provides data brokering between applications.
The flaw could allow a low-privileged attacker to elevate their privileges on a target system.
Since the Microsoft Data Sharing service was introduced in Windows 10 and recent versions of Windows server editions, the vulnerability does not affect older versions of Windows operating systems including 7 or 8.1.
Cyber Security Tips:
- Users and Administrators are highly recommended to keep theirs system up to date with Automatic Update enabled.