Get a Pentest and security assessment of your IT network.

Cyber Security

SandboxEscaper Debuts ByeBear Windows Patch Bypass

Developer SandboxEscaper has disclosed a second bypass exploit for a patch that fixes a Windows local privilege-escalation (LPE) flaw again without notifying Microsoft. She released her first bypass for the that patch (which was issued in April) two weeks ago, as part of a cache of four exploits, all published without following responsible disclosure guidelines. This particular flaw now has a micropatch organization, thanks to the 0patch organization. She has also released another exploit that allows a local attacker to run processes in an elevated context, allowing them to change or delete data.

Source: https://threatpost.com/sandboxescaper-byebear-windows-bypass/145470/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation