{"id":8369,"date":"2019-01-23T00:06:00","date_gmt":"2019-01-22T23:06:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=8369"},"modified":"2019-01-22T19:07:01","modified_gmt":"2019-01-22T18:07:01","slug":"micro-patch-for-windows-0-day-file-write-vulnerability","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/01\/23\/micro-patch-for-windows-0-day-file-write-vulnerability\/","title":{"rendered":"Micro Patch for Windows 0-Day file write vulnerability"},"content":{"rendered":"

In Windows there is a Zero-Day-Exploit, which allows you to overwrite files without permission. 0patch provides a temporary micro-patch for this bug after Microsoft did not patch it in January 2019. <\/p>\n

<\/p>\n

At the end of the year a new 0-Day bug in Windows has became known by a hacker using the alias SandboxEscaper. The vulnerability allows attackers to overwrite files (see my blog post Windows 10: 0-day bug enabled file overwrite<\/a>). <\/p>\n

\n

We have just issued a micropatch for SandboxEscaper's #angrypolarbearbug<\/a> 0day. The vulnerability allows a low-privileged user to have any file overwritten with the content of a Windows Error Reporting XML file. This could potentially lead to arbitrary code execution as SYSTEM. pic.twitter.com\/KWzJ1nUNIo<\/a><\/p>\n

\u2014 0patch (@0patch) 17. Januar 2019<\/a><\/p><\/blockquote>\n