Developer SandboxEscaper has disclosed a second bypass exploit for a patch that fixes a Windows local privilege-escalation (LPE) flaw again without notifying Microsoft. She released her first bypass for the that patch (which was issued in April) two weeks ago, as part of a cache of four exploits, all published without following responsible disclosure guidelines. This particular flaw now has a micropatch organization, thanks to the 0patch organization. She has also released another exploit that allows a local attacker to run processes in an elevated context, allowing them to change or delete data.
Source: https://threatpost.com/sandboxescaper-byebear-windows-bypass/145470/