• Home
  • News
  • Big Data & Analytics
  • DevOps
  • Security
  • GDPR
  • AI & ML
  • Women in Tech
  • Cloud & Infrastructure
  • CIO
  • Deskflix
  • Events
  • Whitepapers
  • Spotlights
  • IT Leaders 250
  • Research
  • Delta
  • Tech Marketing Hub
  • About Us
  • Newsletters
  • Sign in
  •  
      • Newsletters
      • Account details
      • Contact support
      • Sign out
     
     
    • You are currently accessing Computing via your Enterprise account.

      If you already have an account please use the link below to sign in.

      If you have any problems with your access or would like to request an individual access account please contact our customer service team.

      Phone: +44 (0) 1858 438800

      Email: customerservices@incisivemedia.com

      • Sign in
     
  • Follow us
    • Twitter
    • LinkedIn
    • Newsletters
    • Facebook
    • YouTube
  • Register
  • Events
    • Upcoming events
      event logo
      The Pesky Password Problem: What place do passwords have in the modern workplace?

      In this webinar you'll learn: Why passwords are so easy to hack, and how the bad guys do it. How to craft a secure, risk-focused password security policy. The truth about password managers and multi-factor authentication and how they impact our risk. How to empower your end users to become your best last line of defence

      • Date: 21 Jan 2021
      event logo
      Where the buck stops: Why a shared responsibility model will help you own your cloud security flaws

      This webinar, and accompanying dedicated research, will reveal to what extent organisations are practicing a shared responsibility model for cloud security today and the degree to which IT leaders are aware of what they should be doing to ensure the secure use of their multi- and hybrid-cloud environments.

      • Date: 27 Jan 2021
      event logo
      Leveraging the Cloud to Defeat Data Disasters

      Join us and learn how your IT team can realize many of the powerful advantages of the cloud and solve the operational complexity behind managing data across hybrid and multi-cloud IT environments with centralized management, automation, end-to-end security, and lower TCO.

      • Date: 28 Jan 2021
      event logo
      Deskflix Hybrid and Multi Cloud

      One of the most powerful tools for breaking down silos and integrating resources is cloud computing. But multi-tenancy cloud is not the ideal environment for every application or every class of data and some will need to remain on-prem for the foreseeable future; nor are all clouds equal. Tune in to Deskflix season 1 to hear industry experts speak on the questions you need answered on hybrid and multi cloud.

      • Date: 10 Feb 2021
      View all events
  • Whitepapers
    • LATEST WHITEPAPERS
      Darktrace 120x194
      Cyber AI Response: Threat Report 2019

      This white paper details 7 case studies of attacks that were intercepted and neutralised by Darktrace cyber defense AI, including a zero-day trojan in a manufacturing company's network. Learn how Darktrace Antigena AI Response modules fight back autonomously, no matter where a threat may emerge, extending to the Cloud, Email and SaaS.

      Download
      Darktrace 120x194
      Cyber AI & Darktrace Cloud

      This white paper explores how cloud is a security blind spot for many organisations who struggle with the limited visibility and control in this new environment, where their existing security tools are often not applicable.

      Download
      Find whitepapers
      Search by title or subject area
      View all whitepapers
  • Spotlights
    • Spotlights

      Welcome to Computing's Spotlight section, where we focus in on particularly important themes and topics of enterprise IT.

      Intel logo

       

      Endpoint Management and Security Hub

  • IT Leaders 250
  • Research
  • Delta
  • Tech Marketing Hub
  • About Us
Computing
Computing
  • Home
  • News
  • Big Data & Analytics
  • DevOps
  • Security
  • GDPR
  • AI & ML
  • Women in Tech
  • Cloud & Infrastructure
  • CIO
  • Deskflix
 
    • Newsletters
    • Account details
    • Contact support
    • Sign out
 
 
  • You are currently accessing Computing via your Enterprise account.

    If you already have an account please use the link below to sign in.

    If you have any problems with your access or would like to request an individual access account please contact our customer service team.

    Phone: +44 (0) 1858 438800

    Email: customerservices@incisivemedia.com

    • Sign in
 
  • Security

Three more Windows 10 zero-days dropped by SandboxEscaper, aka Polar Bear

More exploit code released by security researcher, including three zero-days and one only patched by Microsoft earlier this month

SandboxEscaper, also known as 'Polar Bear', has expressed a desire to hike the Arctic
SandboxEscaper, also known as 'Polar Bear', has expressed a desire to hike the Arctic
  • Computing News
  • 23 May 2019
  • Tweet  
  • Facebook  
  • LinkedIn  
  • Send to  
0 Comments

SandboxEscaper, the security researcher behind the Windows 10 Task Scheduler zero-day security flaw released this week, has made good on her promise to release exploit code for four more vulnerabilities.

Three of them take advantage of zero-day security flaws she has found, while the fourth was patched by Microsoft earlier this month. 

She announced the releases today on her blog where she also uploaded a video of REM's ‘It's the End of the World as we Know it (And I Feel Fine)' to accompany it.

She also wrote:

"Uploaded the remaining bugs.

burning bridges. I just hate this world.

ps: that last windows error reporting bug was apparently patched this month. Other 4 bugs on github are still 0days. have fun.

Bye."

The GitHub proof-of-concepts include three Windows local privilege escalation (LPE) security flaws and a sandbox-escape vulnerability in Internet Explorer 11, although one of the LPEs was patched in Microsoft's May Patch Tuesday. One of two aliases given for the credit - Polar Bear - indicates that SandboxEscaper forwarded details of the flaw to Microsoft.

The patched flaw a LPE targetting the Windows Error Reporting service, CVE-2019-0863, which was given a CVSS 3.0 severity score of 7.8 (high).


Computing AI and Machine Learning Live 2019 logo

AI & Machine Learning Live is returning to London on 3rd July 2019. Hear from the Met Office's Charles Ewen, AutoTrader lead data scientist Dr David Hoyle and the BBC's Noriko Matsuoka, among many others. Attendance is free to qualifying IT leaders and senior IT pros, but places are limited, so reserve yours now.


The Internet Explorer 11 flaw enables attackers to inject DLLs into IE. "The third is a bypass for a previously released patch addressing a Windows permissions-overwrite, privilege-escalation flaw (CVE-2019-0841). The bug exists because Windows AppX Deployment Service (AppXSVC) improperly handles hard links," according to Threatpost.

The final flaw is an ‘installer bypass' issue with Windows Update.

"Figure out how this works for yourself. I can't be bothered. It's a really hard race, doubt anyone will be able to repro[duce it] anyway. Could be used with malware, you could programmatically trigger the rollback. Maybe you can even pass the silent flag to hide installer user interface and find another way to trigger rollback," SandboxEscaper writes on GitHub, adding that exploitation is based on "a really small timing window".

In her blog, SandboxEscaper also indicated that she was in the market to sell flaws to "people who hate the US", a move made in apparent response to FBI subpoenas against her Google account.

Logo for the Computing and CRN Women in Tech Festival 2019

Computing and CRN have united to present the Women in Tech Festival UK 2019, on 17 September in London.

The event will celebrate successful women in the IT industry, enabling attendes to hear about, and to share, personal experiences of professional journeys and challenges.

Whether you're the ‘Next Generation', an ‘Inspirational Leader', or an ‘Innovator of Tech' this event will offer inspiration on not only how to improve yourself, but how to help others too.  The event is FREE for qualifying IT pros, but places will go fast

  • Tweet  
  • Facebook  
  • LinkedIn  
  • Send to  
  • Topics
  • Security
  • Software
  • Security
  • SandboxEscaper
  • Polar Bear
  • Microsoft
  • Windows 10
  • Github
  • local privilege escalation
  • LPE
  • Windows Error Reporting

More on Security

Cybersecurity in 2021: Looking ahead to another unpredictable year
Cybersecurity in 2021: Looking ahead to another unpredictable year

The big topics will be the cloud, social engineering, automation and security budgets, as firms work to address corners cut in the pandemic

  • Security
  • 19 January 2021
sNCSC launches CyberFirst Girls Competition - aims to boost female representation in cyber security
NCSC launches CyberFirst Girls Competition - aims to boost female representation in cyber security

Women make up just eight per cent of the cyber workforce in the UK

  • Security
  • 18 January 2021
BA faces possible £800m data breach claim

Claim would be the largest group action personal data claim in UK history

  • Legislation and Regulation
  • 13 January 2021
Boosting cyber resilience when the odds are stacked against you

2020 exposed gaps in our ability to trust information, ignited cloud migrations, and put overburdened security teams under more strain. In 2021 we must focus on the danger areas

  • Security
  • 13 January 2021
Oliver Presland, VP, Consulting Services Portfolio Ensono
Ensono: Users expect high speed and availability, and outages can severely impact brand reputation

Oliver Presland, VP, Consulting Services Portfolio Ensono discusses the impact of the pandemic on user expectations and the security landscape

  • Security
  • 11 January 2021
blog comments powered by Disqus
Back to Top

Most read

Software errors wipes 'thousands' of arrest records from police databases
Software errors wipes 'thousands' of arrest records from police databases
Women in IT: don't get stuck in 'glue work' if you want to get on
Women in IT: don't get stuck in 'glue work' if you want to get on
Delta: Microsoft's identity management lead is under threat
Delta: Microsoft's identity management lead is under threat
BT faces possible £500m claim for overcharging landline-only customers
BT faces possible £500m claim for overcharging landline-only customers
Twitter CEO defends Trump ban while Telegram purges far-right channels
Twitter CEO defends Trump ban while Telegram purges far-right channels
  • Contact
  • Delta
  • Marketing solutions
  • Enterprise IT Events
  • Incisive Media
  • Terms & conditions
  • Policies
  • Careers
  • Twitter
  • LinkedIn
  • Newsletters
  • Facebook
  • YouTube

im_logo

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017
Loading