
New Windows Zero-Day Bug Helps Delete Any File, Exploit Available (bleepingcomputer.com)

An anonymous reader quotes a report from Bleeping Computer: Proof-of-concept code for a new zero-day vulnerability in Windows has been released by a security researcher before Microsoft was able to release a fix. The code exploits a vulnerability that allows deleting without permission any files on a machine, including system data, and it has the potential to lead to privilege escalation. The vulnerability could be used to delete application DLLs, thus forcing the programs to look for the missing libraries in other places. If the search reaches a location that grants write permission to the local user, the attacker could take advantage by providing a malicious DLL.

The problem is with Microsoft Data Sharing Service, present in Windows 10, Server 2016 and 2019 operating systems, which provides data brokering between applications. Will Dormann, a vulnerability analyst at CERT/CC, tested the exploit code successfully on a Windows 10 operating system running the latest security updates. Behind the discovery is a researcher using the online alias SandboxEscaper, also responsible for publicly sharing in late August another security bug in the Windows Task Scheduler component.

Microsoft hasn't addressed the issue, but there is a temporary fix available through the oPatch platform. "A micropatch candidate was ready seven hours after the zero-day vulnerability announcement, and it blocked the exploit successfully," reports Bleeping Computer. "oPatch now delivers the stable version of the micropatch for fully updated Windows 10 1803."
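
The condition the report describes, a DLL search location that grants write permission to the local user, can be audited from the defender's side. The PowerShell below is an added example, not code from the report or from the researcher; the function name, the list of low-privilege SIDs and the choice to scan the `PATH` directories (which Windows consults at the end of its default DLL search order) are assumptions of this example.

```powershell
# Added example, not from the article. Flags DLL search locations in which an
# ordinary local user may create files. SID list and function name are assumptions.
$lowPriv = @(
    'S-1-1-0',        # Everyone
    'S-1-5-11',       # Authenticated Users
    'S-1-5-4',        # INTERACTIVE
    'S-1-5-32-545'    # BUILTIN\Users
)
# CreateFiles (0x2) plus GENERIC_WRITE and GENERIC_ALL, which Get-Acl reports raw.
$createMask = 0x2 -bor 0x40000000 -bor 0x10000000

function Get-UserWritableSearchDir {
    param([string[]]$Directory = ($env:Path -split ';'))

    $sidType     = [System.Security.Principal.SecurityIdentifier]
    $inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly

    foreach ($entry in ($Directory | Where-Object { $_ } | Select-Object -Unique)) {
        $dir = [Environment]::ExpandEnvironmentVariables($entry.Trim('"'))
        if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
            # Missing entries are reported for manual review rather than skipped.
            [pscustomobject]@{ Directory = $dir; Principal = $null; Finding = 'missing' }
            continue
        }
        try   { $acl = Get-Acl -LiteralPath $dir -ErrorAction Stop }
        catch { [pscustomobject]@{ Directory = $dir; Principal = $null; Finding = 'acl unreadable' }; continue }

        foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
            # Only Allow ACEs are considered; Deny ACEs are not evaluated here.
            if ($rule.AccessControlType -ne 'Allow') { continue }
            # Inherit-only ACEs apply to children, not to the directory itself.
            if (([int]$rule.PropagationFlags -band $inheritOnly) -ne 0) { continue }
            if ($lowPriv -notcontains $rule.IdentityReference.Value) { continue }
            if (([int]$rule.FileSystemRights -band $createMask) -ne 0) {
                [pscustomobject]@{
                    Directory = $dir
                    Principal = $rule.IdentityReference.Value
                    Finding   = 'user-writable'
                }
            }
        }
    }
}

# Default run: every directory on PATH. Pass -Directory to check an application folder.
Get-UserWritableSearchDir | Sort-Object Directory, Principal | Format-Table -AutoSize
```

Grants made to individual accounts or to groups outside the SID list are not resolved, so an empty result narrows the search rather than proving that no search location is writable.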
  • This is why I use (Score:3, Informative)

    by Anonymous Coward on Wednesday October 24, 2018 @06:05PM (#57532145)

    Linux

  • Too long (Score:5, Funny)

    by SuperKendall ( 25149 ) on Wednesday October 24, 2018 @06:07PM (#57532151)

    The problem is with Microsoft...

    Could have just stopped right there.

    • Re:Too long (Score:5, Funny)

      by dc29A ( 636871 ) * on Wednesday October 24, 2018 @06:20PM (#57532221)

      That's true, you don't need zero day exploits to delete files, a simple Windows update takes care of it!

    • by lgw ( 121541 )

      C'mon, just read a few more words:

      The problem is with Microsoft Data Sharing Service, present in Windows 10

      See, MS can be fine, you just need to upgrade to Windows 7 from that crappy Win10 legacy junk. It's hardly MS's fault if people refuse to upgrade to the good version of Windows.

    • If all you Linux dorks spent some time making Linux user-friendly instead of sitting in forums all day long bashing Microsoft, maybe some people would consider switching to Linux. 20 years later and being completely free, and Linux is still a joke with minimal usage from regular users.
      • Re: (Score:2, Funny)

        by Anonymous Coward

        If all you Linux dorks spent some time making Linux user-friendly instead of sitting in forums all day long bashing Microsoft, maybe some people would consider switching to Linux. 20 years later and being completely free, and Linux is still a joke with minimal usage from regular users.

        linux is user-friendly....it's just rather picky about the users it's friendly with...

    • by rtb61 ( 674572 )

      So it is not a bug it is a feature, the bug, whoops everyone can see that feature that no one wants, the ability of M$ to delete any file it wants to on your computer at any time it wants to, as soon as you run windows 10. The bug is, the feature is now visible, don't worry they will hide it again in double quick time.

  • by Anonymous Coward

    I have been avoiding the upgrade process for quite some time. My diligence has paid off!

  • by WoodstockJeff ( 568111 ) on Wednesday October 24, 2018 @06:14PM (#57532181) Homepage

    ... to remove those Win10 applications that Microsoft forbids you to remove?

  • What's oPatch? is it like 0patch?

  • Links not helpful (Score:5, Insightful)

    by viperidaenz ( 2515578 ) on Wednesday October 24, 2018 @06:21PM (#57532223)

    What's the CVE for this exploit?

    Or did the "security researcher" not disclose this to anyone before releasing it?

    • by Anonymous Coward

      No, it was disclosed outright on Twitter/Github.

      https://github.com/SandboxEsca... [github.com]

      • by Anonymous Coward

        Clicking on the P*.rar in there.....thanks....it tried to Do Something bad....AVAST stopped it....maybe...

  • by sconeu ( 64226 ) on Wednesday October 24, 2018 @07:07PM (#57532419) Homepage Journal

    Isn't the easier method just to install the October release of Windows 10?

  • by fahrbot-bot ( 874524 ) on Wednesday October 24, 2018 @07:25PM (#57532511)
    Ya, it's called [engadget.com] the 2018 Windows 10 October Update :-)
  • SandboxEscaper? (Score:4, Interesting)

    by citizenr ( 871508 ) on Thursday October 25, 2018 @01:37AM (#57533859) Homepage

    SandboxEscaper - isn't this the guy Microsoft refused to pay up (under bug bounty program) for previous privilege elevation bug found? bad move MS.

    • SandboxEscaper - isn't this the guy Microsoft refused to pay up (under bug bounty program) for previous privilege elevation bug found? bad move MS.

      Link? I did a google search and found nothing about anyone refusing to pay someone by the name of SandboxEscaper. I did however find plenty of stories and comments about "irresponsible disclosure" and this guy being criticised by other security researchers.

      • CVE-2018-8314

        • Cool a CVE. I am not interested in the exploit. I am interested in evidence that he was not paid or a discussion of why from some source. I typed your CVE into Google along with the words "not paid" and come up empty.

  • Yet another boring security issue that is only an issue if you allow the attacker to run their malicious code on your machine.

    The overlooked issue is that windows runs far too much unnecessary junk that no-one is using on everyone's machine.

  • Usually windows blocks me from deleting files (used by another process)
