An anonymous hacker with an online alias “SandboxEscaper” today released proof-of-concept (PoC) exploit code for a new zero-day vulnerability affecting Windows 10 operating system. The vulnerability resides in Task Scheduler, a utility that enables Windows users to schedule the launch of programs or scripts at a predefined time or after specified time intervals. The hacker teased that he/she still has 4 more undisclosed bugs in Windows, three of which leads to local privilege escalation and a fourth one lets attackers bypass sandbox security.
Source: https://thehackernews.com/2019/05/windows-zero-day-vulnerability.html