Task Scheduler– New Vulnerabilities for schtasks.exe cymulate.com/blog/task…

The schtasks.exe binary is a core component of the Task Scheduler Service in Windows, enabling users to schedule and manage tasks automatically. This blog discloses new vulnerabilities and techniques we found, covering UAC bypass, Metadata Poisoning, Task Event Log Overflow, and Security Event Logs Overwrite, adding the technique to a new tactic category, Defense Evasion, and reinforcing the Privilege Escalation category regarding Elevation Control Mechanism Abuse.

*****
Written on