Sanboxescaper already leaked 2 zero-day flow online, one could allow
an attacker to exploit the Advanced Local Procedure Call (ALPC) interface to get system privileges and another Vulnerability allows attackers to delete files from vulnerable windows.
In this case, vulnerability affected the ReadFile.exe, A windows functions that help to reads data from the specified file or input/output (I/O) device.
This Vulnerability existing in the MsiAdvertiseProduct, a function generates an advertise script or advertises a product to the computer.
According to Microsoft document, the MsiAdvertiseProduct function enables the installer to write to a script the registry and shortcut information used to assign or publish a product.
This POC exploit acknowledged by 0patch and confirmed this POC to work and in fact provide read access to a chosen file that the initiating user didn’t have read access to.
Also she said., My github got taken down. And screw it, I’m not going to get anything for this bug anymore.