Titanium: the Platinum group strikes again

Platinum is one of the most technologically advanced APT actors with a traditional focus on the APAC region. During recent analysis we discovered Platinum using a new backdoor that we call Titanium named after a password to one of the self-executable archives. Titanium is the final result of a...

The vulnerability of the SetJobFileSecurityByName function in the Windows operating system’s task scheduler allows a malicious actor to escalate their privileges.

The vulnerability of the SetJobFileSecurityByName function in the Windows Task Scheduler operating system is related to deficiencies in file operation checks. Exploiting this vulnerability can allow an attacker to increase their privileges...

PT-2019-2615 · Microsoft · Windows Task Scheduler +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Task Scheduler affected versions not specified Description: An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the...

The vulnerability of the Windows Task Scheduler allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the Windows Task Scheduler, a task scheduling tool for operating systems, is related to errors in handling user credentials. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created application...

Microsoft Windows Multiple Vulnerabilities (KB4493475)

This host is missing a critical security update according to Microsoft KB4493475 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

CVE-2019-0838

An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0839...

Information disclosure

An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0839...

Windows Information Disclosure Vulnerability

An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. An attacker could then install...

Hacker Discloses New Windows Zero-Day Exploit On Twitter

A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler—has yesterday released another proof-of-concept exploit for a new Windows zero-day vulnerability. SandboxEscaper posted a link to a Github page hosti...

Bad Actors Sizing Up Systems Via Lightweight Recon Malware

Well-known financial crime gang Cobalt Group and other threat actors have recently shifted tactics to incorporate lightweight modular downloaders that “vet” target machines for their attractiveness before proceeding with a full-fledged attack. The emergence of the AdvisorsBot and Marap malwares, ...

The vulnerability of the SchRpcSetSecurity function in the Advanced Local Procedure Call interface of the Windows operating system’s task scheduler allows a malicious actor to execute malicious code with SYSTEM privileges.

The vulnerability of the SchRpcSetSecurity function in the Advanced Local Procedure Call ALPC interface of the Windows operating system’s task scheduler is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to execute malicious code with SYSTEM privileges...

Microsoft Task Scheduler Elevation of Privilege (MS16-130: CVE-2016-7222)

An elevation of privilege vulnerability exists in the Windows Task Scheduler. A locally authenticated attacker can exploit this vulnerability by using Windows Task Scheduler to schedule a new task with a malicious UNC path...

Microsoft Windows Task Scheduler Elevation of Privilege Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in the Microsoft Windows Task Scheduler. An authenticated local attacker could use the Windows Task Scheduler to schedule new tasks via a malicious UNC pat...

POP Peeper 4.0.1 - Persistent Code Execution Vulnerability

Document Title: =============== POP Peeper 4.0.1 - Persistent Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1657 Release Date: ============= 2015-11-26 Vulnerability Laboratory ID VL-ID: ====================================...

Microsoft Windows Task Scheduler - 'DeleteExpiredTaskAfter' File Deletion Privilege Escalation

Source: https://code.google.com/p/google-security-research/issues/detail?id=442 Windows: Task Scheduler DeleteExpiredTaskAfter File Deletion Elevation of Privilege Platform: Windows 8.1 Update, looks like it should work on 7 and 10 as well Class: Elevation of Privilege Summary: The Task Scheduler...

Microsoft Windows Task Scheduler Elevation of Privilege Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in the Task Scheduler program in Microsoft Windows, which can be exploited by a local attacker to bypass established file system restrictions and delete...

Microsoft Windows Task Manager Elevation of Privilege Vulnerability (CNVD-2015-05975)

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows, which can be exploited by a local attacker to bypass analog level security checks and elevate privileges...

MS15-102: Vulnerabilities in Windows Task Management could allow elevation of privilege: September 8, 2015

Resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.SummaryThis security update resolves vulnerabilities in Windows that could allow elevation of privilege if an attacker logs on to a system and ru...

MS15-037: Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege (3046269)

The remote Windows host is affected by a privilege escalation vulnerability due to improper handling of invalid tasks in the Task Scheduler. If a known invalid task is present on the system, a local attacker can exploit the task to cause Task Scheduler to execute a crafted application with System...

MS15-028: Vulnerability in Windows Task Scheduler Could Allow Security Feature Bypass (3030377)

The remote Windows host is affected by a security bypass vulnerability due to Windows Task Scheduler not properly validating and enforcing impersonation levels. Attackers can exploit this flaw to elevate privileges in order to execute files they have no permission to run. C Tenable Network...