SandboxEscaper, a researcher who back in August tweeted out a Windows privilege escalation bug, has published another unpatched Windows flaw on Twitter. The new bug has some similarities to the previous bug. Windows services usually run with elevated privileges. Sometimes they perform actions on behalf of a user, and to do this they use a feature called impersonation. These services act as if they were using a particular user’s set of privileges. After they’ve finished that action, they revert to their normal, privileged identity.

https://arstechnica.com/gadgets/2018/10/another-windows-0-day-flaw-has-been-published-on-twitter/