A reverse engineer discovered a zero-day vulnerability in most Windows 10 editions that allows creating files in restricted areas of the operating system. An unprivileged user can create an arbitrary file in system32, a restricted folder holding vital files for the Windows operating system and installed software. This works only if Hyper-V is already active, which limits the range of targets. An attacker can use this to place malicious code in that folder, where it would be executed with elevated privileges when needed. Microsoft's recent slash of rewards for high-severity privilege escalation bugs from $20,000 to $2,000 also contributed to the issue.
Source: https://www.bleepingcomputer.com/news/security/windows-10-sandbox-activation-enables-zero-day-vulnerability/

