Security 10748 Published by

A researcher from Google has published a security vulnerability in Windows 8.1 that is said to allow for elevated privileges, and now how to execute the flaw has been made public



From Neowin:
A Google security researcher who goes by the name, Forshaw, has taken the bold step to publish a security vulnerability in Windows 8.1 that is still exploitable. Forshaw makes the defense that he/she waited 90 days after first publication of the vulnerability before letting the world know how to exploit it, and so far, Microsoft has not patched the issue.

The post was made on Google's security research site where it discloses the vulnerability and how to execute the flaw. The vulnerability allows for an elevation of privilege in ahcache.sys/NtApphelpCacheControl and there is a demo application that can launch calc.exe using the method.
  Google researcher publishes unpatched Windows 8.1 security vulnerability