The vulnerability of the Windows USO Core Worker component of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Windows USO Core Worker component of the Windows operating system is related to deficiencies in access control for certain functions. Exploiting this vulnerability can allow an attacker to enhance their privileges...

UsoDllLoader - Windows - Weaponizing Privileged File Writes With The Update Session Orchestrator Service

2020-06-06 Update: this trick no longer works on the latest builds of Windows 10 Insider Preview. This means that, although it still works on the mainstream version ofWindows 10, you should expect it to be patched in the coming months. Description This PoC shows a technique that can be used to...

Background Intelligent Transfer Service Privilege Escalation Exploit

This Metasploit module exploits CVE-2020-0787, an arbitrary file move vulnerability in outdated versions of the Background Intelligent Transfer Service BITS, to overwrite C:\Windows\System32\WindowsCoreDeviceInfo.dll with a malicious DLL containing the attacker's payload. To achieve code executio...