πŸ”’
There are new articles available, click to refresh the page.
βœ‡ A place where all your bugs will be disclosed

Windows User Profile Service 0day LPE

By: halov β€”

Β 

Not sure why Microsoft keep making screwing those patches.

Here's details about the bug -Β https://github.com/klinix5/ProfSvcLPE/blob/main/write-up.docx

PoC -Β https://github.com/klinix5/ProfSvcLPE/tree/main/DoubleJunctionEoP

This bug require another user password that's different from the current one, I'm not sure. But it might be possible to do it without knowing someone else password.
The PoC must be tested with standard user privileges with another standard user password. If it succeeds, it will spawn a SYSTEM shell.

At the time of writing this, this vulnerability affects every server and desktop edition including 11 and server 2022.

  • There are no more articles
❌