Emergency Fix for Windows 10 Task Scheduler Vulnerability Released by 0patch

The Windows 10 Task Scheduler vulnerability that was disclosed on Twitter earlier this week won’t be getting a patch from Microsoft until the next Patch Tuesday on September 11, but in the meantime, the engineers over at 0patch got you covered.

A third-party fix for the zero-day bug is now available for Windows 10 April 2018 Update (version 1803) 64-bit, and it can be freely downloaded by any user. 0patch customers who are running the 0patch Agent only need to the click the sync now button to get the micropatch automatically.

“Okay people, 24 hours after the 0day was published we have a micropatch candidate for @SandboxEscaper's LPE in Task Scheduler. As you can see, scheduler's access to user-controlled hardlink is impersonating the user and gets ACCESS DENIED,” the official 0pat... (read more)

No comments:

Post a Comment