virus logo Intrusion Prevention

MS.Windows.Scheduler.SchRpcSetSecurity.Privilege.Escalation

description-logoDescription

This indicates an attack attempt to exploit a Privilege Escalation vulnerability in Microsoft Windows Task Scheduler.
This vulnerability is due to the insufficient permission checking in the application. A remote attacker may be able to exploit this bug to escalate his/her privileges via a crafted file.

affected-products-logoAffected Products

Microsoft Windows 64-bit versions

Impact logoImpact

Privilege Escalation: Remote attackers can leverage their privilege on the vulnerable systems

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor supplied patch for this issue

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://www.kb.cert.org/vuls/id/906424 https://doublepulsar.com/task-scheduler-alpc-exploit-high-level-analysis-ff08cda6ad4f
ID 46610
Created Aug 30, 2018
Updated May 02, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows
Affected App Other