There's a serious vulnerability in the Windows Task Scheduler, according to Twitter user SandboxEscaper (via The Register). Specifically, it resides in the Advanced Local Procedure Call (ALPC) interface, a Windows mechanism that helps a client process communicate with a server process.
The vulnerability could allow hackers to gain administrative access on a Windows system.
According to the mysterious researcher, who deleted his or her Twitter account soon after disclosing the vulnerability and declaring "I don't [expletive] care about life anymore," the flaw is known as an elevation-of-privilege bug.
This means that if you download and run a malicious piece of software, it can gain access to privileges it shouldn't have, such as those assigned to system administrators.
CERT Coordination Center analyst Will Dormann confirmed that the vulnerability exists in a fully-patched Windows 10 system. He is "currently unaware of any workarounds."
A Microsoft spokesperson told The Register that the company will "proactively update impacted devices as soon as possible." The next scheduled Microsoft round of patches comes out on Sept. 11, so we will likely have to wait until then.
This isn't the first time researchers have uncovered such a vulnerability in Windows systems. Just a few weeks ago, a group of Israeli security experts at the Black Hat security conference revealed an elevation-of-privilege vulnerability resulting from Cortana's data retrieval process. Recent updates patched this flaw.
And in June, the company released an update to Windows 365 to patch a similar bug in Microsoft Outlook.
While unpatched vulnerabilities can be scary, remember that no one has actually exploited this flaw yet. But be sure to download the newest patch when it's released ASAP.
Image credit: Magsi/Shutterstock
Windows 10 Security and Networking
- Use the Windows 10 Parental Controls
- Find Your MAC Address
- Turn Your Windows PC into a Wi-Fi Hotspot
- Password Protect a Folder
- Create a Guest Account in Windows 10
- Enable Windows Hello Fingerprint Login
- Set Up Windows Hello Facial Recognition
- How to Restrict Cortana's Ever-Present Listening in Windows 10
- Automatically Lock Your PC with Dynamic Lock
- Blacklist Non-Windows Store Apps
- Find Saved Wi-Fi Passwords
- Set Up a Metered Internet Connection
- Use Find My Device
- Stream XBox One Games
- All Windows 10 Tips
- Map a Network Drive
- Create Limited User Accounts
- Set Time Limits for Kids
- Pin People to Your Taskbar