![](\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\")
The ALPC vulnerability (CVE-2018-8440), which is present in all supported and unpatched Microsoft Windows versions, is now being exploited by the Metasploit Kit. <\/p>\nThe ALPC vulnerability (CVE-2018-8440), which is present in all supported and unpatched Microsoft Windows versions, is now being exploited by the Metasploit Kit. <\/p>\n
<\/p>\n
I had blogged several times about the ALPC vulnerability (CVE-2018-8440) (see links at the end of this article). Microsoft released corresponding fixes on September 11, 2018 (see Microsoft Security Update Summary September 11, 2018). So if you have patched, you are on the safe side. If you haven't installed the updates, you should know that cyber criminals can now exploit this vulnerability via the Metasploit kit, as the following tweet reports.<\/p>\n
\nUpcoming Microsoft Windows ALPC Task Scheduler Local Privilege Elevation (CVE-2018-8440) exploit in #Metasploit<\/a> !
Yes the 0day (now patched) found and disclosed by @SandboxEscaper
Thx @tychos_moose<\/a> Aaron Soto @shellfail<\/a> and @TheColonial<\/a> for the hard work. https:\/\/t.co\/M4wLWBt0hW<\/a> pic.twitter.com\/GRvK4StntR<\/a><\/p>\n\u2014 Davy Douhine (@ddouhine) 20. September 2018<\/a><\/p><\/blockquote>\n