According to Threat Post, the Windows Task Scheduler does not check permissions when carrying out basic operations. This flaw allows malicious code to elevate its privileges. The flaw was detected in the Advanced Local Procedure Call (ALPC) interface, a key component of the Task Scheduler on 64-bit Windows 10 and Server 2016. The API within ALPC does not verify permission rights, which means malicious actors using rogue code could impact the platform.
Threat Post did point out that the flaw had limitations:
“The flaw does come with limitations – in order to gain elevated privileges, a bad actor would need to be local and exploitation needs prior code execution. Also, the exploit would need modifications to work on OSes other than 64-bit (i.e., 32-bit OS). ‘Also it hard-codes prnms003 driver, which doesn’t exist on certain versions (e.g. on Windows 7 it can be prnms001).’”