SandboxEscaper releases exploit code for two zero-day vulnerabilities in Windows 10 over the past 48 hours. Researchers have also released a bypass for the CVE-2019-0841 patch and LPE PoC exploit dubbed InstallerBypass. The researcher says the vulnerability bypasses the patch and allows attackers to write the discretionary access control list (DACL) which “identifies the trustees that are allowed or denied access to a securable object”” after successful exploitation. A video demo of the proof-of-concept exploit in action was also provided by the researcher on GitHub.”
Source: https://www.bleepingcomputer.com/news/security/two-more-windows-10-zero-day-poc-exploits-released-brings-total-to-4/