Microsoft Windows is prone to a local privilege-escalation vulnerability.
A local attacker can exploit this issue to gain elevated privileges.
Information
Microsoft Windows Server 2016 0
Microsoft Windows Server 1903 0
Microsoft Windows Server 1803 0
Microsoft Windows 10 Version 1903 for x64-based Systems 0
Microsoft Windows 10 Version 1903 for ARM64-based Systems 0
Microsoft Windows 10 Version 1903 for 32-bit Systems 0
Microsoft Windows 10 Version 1809 for x64-based Systems 0
Microsoft Windows 10 Version 1809 for ARM64-based Systems 0
Microsoft Windows 10 Version 1809 for 32-bit Systems 0
Microsoft Windows 10 Version 1803 for x64-based Systems 0
Microsoft Windows 10 Version 1803 for ARM64-based Systems 0
Microsoft Windows 10 Version 1803 for 32-bit Systems 0
Microsoft Windows 10 version 1709 for x64-based Systems 0
Microsoft Windows 10 Version 1709 for ARM64-based Systems 0
Microsoft Windows 10 version 1709 for 32-bit Systems 0
Microsoft Windows 10 version 1703 for x64-based Systems 0
Microsoft Windows 10 version 1703 for 32-bit Systems 0
Microsoft Windows 10 Version 1607 for x64-based Systems 0
Microsoft Windows 10 Version 1607 for 32-bit Systems 0
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
References:
- Microsoft Homepage (Microsoft)
- Researcher publishes Windows zero-days for the third day in a row (zdnet.com)
- CVE-2019-1064 | Windows Elevation of Privilege Vulnerability (Microsoft)