It has been reported that another zero-day security hole in Windows 10 has been made public on Twitter. SandboxEscaper tweeted about the bug (and released a proof of concept), noting that it was difficult to exploit, but still unpatched. The vulnerability affects all flavors of Windows 10 – including the latest October 2018 Update, for those who have installed it – along with Windows Server 2016 and 2019.
Tom Parsons, Senior Director at Tenable Research:
“This is an elevation of a privilege zero-day vulnerability in Microsoft’s Data Sharing Service (dssvc.dll), which is used to broker data between applications.
“It reportedly affects the very latest versions of Microsoft Operating Systems [Windows 10, Windows Server 2016 and Windows Server 2019 systems], and not older ones, so users may have wrongly assumed they were more secure. In addition, given that it affects both server and client Operating Systems, and with Windows 10 the 2nd most prevalent MS desktop/client OS after Windows 7 (per netmarketshare.com), will also make this attractive to attackers.
“It’s imperative that organisations quickly assess for their exposure to this vulnerability as, in May we highlighted [in our Attackers Advantage report] that in 34 percent of cases exploits were available on the same day as vulnerabilities were disclosed. Attackers will be quick to integrate this vulnerability into their malware in order to elevate privileges on compromised systems.
“To put the threat into perspective, an attacker would already need access to the system or combine it with a remote exploit to leverage the vulnerability. This could be exploited to facilitate lateral movement within an organisation or even potentially destructive purposes – such as deletion of key system files rendering a system inoperable.”
“Currently organisations take up to 13 days (median) to assess for exposure to prevalent vulnerabilities [ from the Attackers Advantage report] which could leave the window wide open for an attacker to climb through.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.