SandboxEscaper Debuts ByeBear Windows Patch Bypass

Once again, Windows exploit developer SandboxEscaper has released a new zero-day exploit without disclosing the issue to Microsoft first. Last month, SandboxEscaper released five Windows exploits in a week. One of those exploits was a bypass for a patch that fixed a local privilege-escalation (LPE) flaw tracked as CVE-2019-0841. The new exploit is a second bypass for that same patch.

According to Microsoft, exploiting CVE-2019-0841 requires a threat actor “to log on to the system,” and to subsequently “run a specially crafted application that could exploit the vulnerability and take control of an affected system.” In past communications, SandboxEscaper has expressed a deep loathing of the infosec industry and has offered to sell zero-day exploits to “non-western” buyers. By acting against established conventions for responsible disclosure, she is putting Windows users at risk.

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.