An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system. The new exploit abuses Microsoft Edge browser to write discretionary access control list (DACL) as SYSTEM privilege. The next patch Tuesday updates from Microsoft are due on 11th June, and it would be interesting to see if the company would acknowledge four new exploits and release security fixes to address them.
Source: https://thehackernews.com/2019/06/windows-eop-exploit.html