Twitter alias “SandboxEscaper” a security researcher, released a proof-of-concept for a Windows exploit residing in Microsoft Data Sharing (dssvc.dll). This exploit is a privilege escalation attack with the Data Sharing Service that has widespread privileges.
Using the PoC code released (called deletebug.exe) a user with low level privileges could delete critical system files that would normally require admin privileges.
SandboxEscaper wrote “Not the same bug I posted a while back, this doesn’t write garbage to files, but actually deletes them, meaning you can delete application dll’s and hope they go look for them in user write-able locations. Or, delete stuff used by system services C:WindowsTemp and hijack them.”
The PoC was tested against Windows 10, Server 2016, and Server 2019 Systems with the current October 2018 security updates and found to be successful.
Two months ago SandboxEscaper released a zero-day flaw for Windows regarding an exploit with the Windows Task Scheduler and it was found being used in the wild until Microsoft released their September 2018 Security Patch Tuesday updates.
The next Security Patch Tuesday is scheduled for November 13th, 2018.