A security researcher and exploit broker known as SandboxEscaper today published details about a new zero-day that affects the Windows 10 and Windows Server 2019 operating systems. The details were published on GitHub, in the same account and repository where the researcher previously published details about eight other zero-days.
Can you believe it is June already? Summer is rapidly approaching, but it’s been slow to warm up our temperatures here in the US. I can’t say the same thing about the temperature in our security community – things have been hot! The first months of 2019 have seen a record number of vulnerabilities reported and the latest, BlueKeep associated with CVE-2019-0708, has set the forums and security advisory lists on fire.
An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system. SandboxEscaper is known for publicly dropping zero-day exploits for unpatched Windows vulnerabilities. In the past year, the hacker has disclosed over half a dozen zero-day vulnerabilities in Windows OS without actually bothering to make Microsoft aware of the issues first.
Uncovered in May 2019 by security company Qualys, the flaw (CVE-2019-10149) affects Exim versions 4.87 to 4.91 inclusive running on several Linux distros, the latter released as far back as 15 April 2018. The next release, version 4.92, fixed the problem on 10 February 2019 although that wasn’t realised by the software’s maintainers at the time.
nCipher Security’s 300-plus employees are all officially now working for new owner Entrust Datacard, after the US-based company wrapped up its acquisition of Thales’ hardware security module (HSM) spin-off. The move had been demanded by regulators as a condition of April’s Thales-Gemalto merger.