The flawed code of the Windows 10 May update was published on GitHub. The posted code shows how any hacker can enter the PC at the root level and gain the administrator level of the computer. From there he can do whatever he wishes, and get information from the PC about the user. This flaw of the Windows 10 new update is called ‘zero-day vulnerability’ which was first reported by ZDNet. It has been given that name as it is a flaw known to the software vendor. We should point out that until now, the fix of this flaw hasn’t been found. The hackers and the cybercriminals use this exact flaw of Windows 10 to exploit the PC of the user. The zero-day vulnerability is called a ‘local privilege escalation (LPE)’.
The security flaw was found in the Task Scheduler of the Windows 10. And using this, the attacker could access the system level files of the PC which could give him the control of the entire machine. Currently, the flaw is still in the new update and till now Microsoft has not released a patch to fix this issue. It is not the first time a big flaw/ security issue has been found in the Windows 10 as earlier too the company has rolled out an update which had some flaws. After that, the company rolled out a feature through which the users can roll back to their previous version of the update in case a new update is flawed. Although bugs and flaws are common with updates, this security flaw poses a bigger threat than it appears. It is because the flaw can give the administrator access to the hackers and then they can enter the system and control everything. If any malware was left out in the system then it would be powerful enough to destroy the entire system.
