Hacker reveals second Zero-Day that bypasses patch for Windows EoP flaw

In News

An anonymous security researcher called SandboxEscaper has publicly shared a second zero-day exploit that bypasses a recently patched vulnerability in the Microsoft Windows operating system.

Dubbed ByeBear, the new exploit abuses Microsoft Edge browser to write discretionary access control list (DACL) as SYSTEM privilege.

“It’s going to increase the thread priority to increase our odds of winning the race condition that this exploits. If your VM freezes, it means you either have 1 core or set your VM to have multiple processors instead of multiple cores… which will also cause it to lock up,” the researcher said.

This bug is most definitely not restricted to the edge. This will be triggered with other packages too. So you can definitely figure out a way to trigger this bug silently without having edge pop up. Or you could probably minimize edge as soon as it launches and closes it as soon as the bug completes,” he added.



You may also read!

Bulwark to showcase state-of-the-art IT security products at GITEX

UAE-based value added distributor, Bulwark Technologies announced that its portfolio of internationally acclaimed products lined up to be showcased


Hacking my airplane

ESET’s security researcher, Cameron Camp points out that after welcoming hacking research, automobile technology started to get better at


Are you building an effective SOC?

Haider Pasha, regional chief security officer, emerging markets, Palo Alto Networks shares his take on what makes an SOC


Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu