https://www.theregister.co.uk/2018/10/24/windows_0day_twitter/

A skilled Microsoft bug hunter with a penchant for public disclosures via Twitter has openly floated a new Windows 10 zero-day flaw.

The researcher, who goes by the pseudonym SandboxEscaper, says the bug is present in the code handling advanced local procedure calls (ALPCs). It can be exploited by a malicious logged-in user or malware on an already infected computer to arbitrarily delete or tamper with anything from application .dll files to critical system components.