[ Jan 02, 2019 ]
A new zero-day vulnerability in the Windows operating system has been discovered recently. This is the fourth Windows zero-day discovered in the last five months, and it could allow attackers to overwrite a targeted file with random data.
The exploit code for the vulnerability was published on GitHub by a security researcher who goes by the name of SandboxEscaper. By running the Proof-of-Concept (PoC), the researcher managed to overwrite ‘pci.sys’ by collecting software and hardware problems through the Windows Error Reporting (WER) event-based feedback infrastructure. ‘pci.sys’ is a system component that helps in correctly booting the operating system.
Since the target is ‘pci.sys’, SandboxEscaper highlights that the vulnerability can further be used to conduct a denial-of-service attack on a machine. It can also be used to disable third-party AV software.
SandboxEscaper has informed the Microsoft Security Response Center (MSRC) about the new bug.