Sandbox Escaper – security researcher, warned in the social network Twitter about the vulnerability in Windows. Official confirmation of this information was given by Will Dormann, engineer CERT / CC.
This means that the privileges of the application on the local system are increased, so an attacker will easily increase the level of access of malicious code running from the account of an ordinary user to the level of SYSTEM with full access.
In addition, the researcher placed an algorithm of actions, demonstrating how to attack and obtain this access on GitHub.
SandboxEscaper did not notify the company about this, and 41.23% of users of 64-bit Windows systems are at risk of attack. The next planned patch Microsoft will release on September 11, where, as we assume, it will eliminate this vulnerability. Until then, you are an easy target for intruders.
Integrity Vision offers a solution to protect against such threats and subsequent vulnerabilities – it’s SandBlast Agent CheckPoint, and Qualys Threat Protection. Such solutions block the attempt to increase the privileges of the application in real time. In addition to this functionality SandBlast and Qualys the agent will help to detect and prevent a number of threats, with the help of such tools:
Integrity Vision takes care of your safety.