Full title: Microsoft Windows 10 < build 17763 - AppXSvc Hard Link Privilege Escalation Exploit 
Category: local exploits
Platform: windows
There exists a privilege escalation vulnerability for Windows 10 builds prior to build 17763. Due to the AppXSvc's improper handling of hard links, a user can gain full privileges over a SYSTEM-owned file. The user can then utilize the new file to execute code as SYSTEM. This Metasploit module employs a technique using the Diagnostics Hub Standard Collector Service (DiagHub) which was discovered by James Forshaw to load and execute a DLL as SYSTEM.

# 0day.today @ http://0day.today/