A security researcher who goes by the handle SandboxEscaper published code to GitHub that allegedly shows how a malicious hacker can gain higher privileges on a Windows 10 machine and wreak havoc. The security vulnerability was earlier reported on by ZDNet.
The zero-day vulnerability is what’s called a “local privilege escalation.” That means that the vulnerability won’t necessarily allow hackers or malware to gain access to your machine. They have to already be on your machine. Instead, the vulnerability, when exploited, will give them full control over your machine by upping their privileges to the System level.
This is a bigger problem than it seems, because most malware can be constrained by the limits of the user account it has infected. Privilege escalation busts out of that straitjacket and gives even low-level malware godlike powers.