Skip to main content

Researcher publishes Windows zero-days for the third day in a row

posted onMay 23, 2019
by l33tdawg
ZDNet
Credit: ZDNet

A security researcher and exploit seller going by the name of SandboxEscaper has published today new Windows zero-days for the third day in a row.

On her GitHub account, the researcher published proof-of-concept code for two zero-days, but also short explainers on how to use the two exploits.

These two new exploits mark the seventh and eight zero-days the researcher has published in the last ten months. To summarize, over the course of the last three days, she also published:

- LPE exploit in the Windows Task Scheduler process [May 21]
- Sandbox escape for Internet Explorer 11 [May 22]
- an LPE in the Windows Error Reporting service [May 22] -- technically not a zero-day. It was revealed that Microsoft had already patched the issue before SandboxEscaper released her demo exploit code.

Source

Tags

Security Microsoft

You May Also Like

Recent News

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th

Thursday, June 6th