Windows 10 vulnerability disclosed by security researcher, posts exploit code to GitHub

While Microsoft announced the latest Windows 10 May 2019 Update which included a host of new improvements and features, a security researcher has disclosed a new zero-day vulnerability that may be used to execute a malicious attack. [caption id=“attachment_4451271” align=“alignnone” width=“1280”] Windows 10 with Redstone 4. Image: Microsoft[/caption] For those unfamiliar with the terminology, a zero-day vulnerability happens to be a vulnerability that is unknown to the developer of the software/hardware, which in this case happens to be Microsoft. As per a report by ZDNet,  security researcher SandboxEscaper has published the exploit code on Github and also made public a video which showed how the vulnerability can be exploited. SandboxEscaper explained that the exploit by itself cannot be used to access user computers but it can be used in conjunction with other methods to make the exploit quite lethal. The vulnerability arises from the Windows Task Scheduler, wherein the hacker can run a specific .job file within the Task Scheduler to grant himself administrator privileges. There is no word on when a patch for this exploit will be released by Microsoft. In more news regarding Windows, the 21 May cumulative update called as   KB4497934  has introduced a functionality which stops automatic feature updates and instead gives you the option to download it manually when you have the time. The new feature update gets a new box on the Windows Update page, with a ‘Download and install’ link below it.