CyberNews Briefs

Researcher publishes Windows zero-days for the third day in a row

On Thursday, Windows exploit developer “SandboxEscaper” once again released new zero-day exploits on her GitHub account. SandboxEscaper already released a zero-day on Tuesday and then two more exploits Wednesday, although it turns out one of the latter had already been patched by Microsoft.

One of the new flaws is a local privilege escalation vulnerability, while the other could allow attackers with low privileges in a compromised system to drop malware in unauthorized locations. SandboxEscaper mentioned earlier this week that she found a total of 5 exploits and now confirmed that all of them have been released. By acting against established conventions for responsible disclosure, SandboxEscaper is putting Windows users at risk.

Read more: Researcher publishes Windows zero-days for the third day in a row

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.