Unpatched Windows bug published on Twitter

Unpatched Windows bug published on Twitter

You can say what you want – Windows still has the most users worldwide. Be it Windows 7 or Windows 10, about 80% apparently prefer Microsoft’s OS. And why not? It nice looking, easy to use, has a wide variety of compatible programs and games and is well maintained.

That said it is not without its issues: There are enough privacy concerns, complaints about Microsoft’s patch policy and more going around online.  Due to its position, it is an OS that is also uniquely interesting for hackers and security researchers alike.  That’s why regular security patches to fix vulnerabilities and news concerning them should come as no surprise to anyone. Well, mostly.

Twitter bug rant

The latest Windows bug was published on Twitter and looks a lot like a rather colorful rant.

The link in the tweet is linked to a page on Github that seems to include a proof-of-concept of the vulnerability. Shortly after Will Dormann a vulnerability analyst at CERT/CC, verified that it indeed is a bug. According to him, it works well in a fully-patched 64-bit Windows 10 system.

What does the vulnerability do?

According to the security researcher, the vulnerability is a local privilege escalation. That means that someone can gain full admin privileges on any Windows PC. Since the bug is apparently in the ALPC, the Advanced Local Procedure Call, the impact will not be huge: It only can be exploited on a local system.

Right now there is no known fix for the bug but according to The Register Microsoft will update impacted systems and parts of the OS as soon as possible.

 

This post is also available in: German

PR & Social Media Manager @ Avira |Gamer. Geek. Tech addict.