Monday, April 21, 2025
HomeComputer SecurityHacker Leaked New Unpatched Windows Zero-day Vulnerability POC Online

Hacker Leaked New Unpatched Windows Zero-day Vulnerability POC Online

Published on

SIEM as a Service

Follow Us on Google News

A Security researcher posted new windows Zero-day vulnerability POC online that contain exploit code that allow attacker to read any file in the vulnerable windows system.

Sanboxescaper, pseudonym of Twitter handler & an unknown hacker leaked a Proof-of-concept for unpatched windows zero-day vulnerability exploit via her twitter feed.

https://twitter.com/Evil_Polar_Bear/status/1075605011105767424

Sanboxescaper already leaked 2 zero-day flow online, one could allow
an attacker to exploit the Advanced Local Procedure Call (ALPC) interface to get system privileges and another Vulnerability allows attackers to delete files from vulnerable windows.

- Advertisement - Google News

In this case, vulnerability affected the ReadFile.exe, A windows functions that help to reads data from the specified file or input/output (I/O) device.

This exploit falls under the privilege escalation vulnerability that allows let local attackers gain access to functions and permissions to read any file which can be accessed only by an admin level user privilege.

This Vulnerability existing in the MsiAdvertiseProduct, a function generates an advertise script or advertises a product to the computer.

According to Microsoft document, the MsiAdvertiseProduct function enables the installer to write to a script the registry and shortcut information used to assign or publish a product.

Researchers said, it leads to abuse the installer service due to improper validation affected function that force installer to read any privileged system files make a copy of it.

This POC exploit acknowledged by 0patch and confirmed this POC to work and in fact provide read access to a chosen file that the initiating user didn’t have read access to.

Also she said., My github got taken down. And screw it, I’m not going to get anything for this bug anymore.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Infostealer Attacks Surge 84% Weekly Through Phishing Emails

The volume of infostealer malware distributed through phishing emails has surged by 84% week-on-week...

North Korean IT Workers Use Real-Time Deepfakes to Infiltrate Organizations Through Remote Jobs

A division of Palo Alto Networks, have revealed a sophisticated scheme by North Korean...

New Phishing Technique Hides Weaponized HTML Files Within SVG Images

Cybersecurity experts have observed an alarming increase in the use of SVG (Scalable Vector...

Detecting And Blocking DNS Tunneling Techniques Using Network Analytics

DNS tunneling is a covert technique that cybercriminals use to bypass traditional network security...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Infostealer Attacks Surge 84% Weekly Through Phishing Emails

The volume of infostealer malware distributed through phishing emails has surged by 84% week-on-week...

North Korean IT Workers Use Real-Time Deepfakes to Infiltrate Organizations Through Remote Jobs

A division of Palo Alto Networks, have revealed a sophisticated scheme by North Korean...

New Phishing Technique Hides Weaponized HTML Files Within SVG Images

Cybersecurity experts have observed an alarming increase in the use of SVG (Scalable Vector...