Microsoft appears set to patch a zero-day local privilege escalation vulnerability that was publicly posted on Tuesday by a security researcher. The vulnerability allows for local privileges to be escalated to system level due to a flaw within the Advanced Local Procedure Call, or ALPC, interface of the Windows task scheduler. Microsoft says it plans to issue an advisory to users about the problem shortly. A vulnerability analyst says the exploit code works on 64-bit Windows 10 and Windows Server 2016 machines, according to CERT/CC.”]
Source: https://www.cuinfosecurity.com/microsoft-zero-day-exploit-published-before-patch-a-11434