Windows 10, the 32-bit version, and possibly all other Windows versions back to Windows 7 (with a few exceptions), have a zero day vulnerability which allows potential hackers to elevate their low-privileged accounts to admin status on a compromised system.
In other words, there is a way for hackers to completely take over your system, regardless of which version of Microsoft's OS you're running at the moment.
This is according to a cybersecurity researcher going by the name SandboxEscaper. He/she has published the demo exploit code on GitHub, for pretty much everyone to see. The description in the GitHub says the vulnerability is found in the Windows Task Scheduler process.
Even though the vulnerability has only been confirmed to work on the 32-bit version of Windows 10, ZDNet was told (opens in new tab) that all other versions, all the way to Windows 7, should be vulnerable at pretty much identical the same way.
Will Dormann, a vulnerability analyst at the CERT Coordination Center, part of the US government-funded Software Engineering Institute, confirmed (opens in new tab) the exploit works against a fully patched and up-to-date version of Windows 10, 32 and 64-bit, as well as Windows Server 2016 and 2019.
So far, Windows 8 and 7 seem to be safe.
Image Credit: Shutterstock