An exploit was found in Windows that would allow attackers to become administrators with a single click. The security flaw will likely affect major PC providers and leave customers vulnerable for no apparent reason. Experts are working on patches, but the damage is already done
Don has been writing professionally for more than ten years, although his love of the written word began in elementary school. Livebitcoinnews.com, Learnbonds.com, eHow, AskMen.com, and other websites have featured his work. Continue reading
- Researchers have discovered a new Windows zero-day attack that enables admin capabilities in versions of Windows 10, 11, and Windows Server.
- Once the vulnerability has been exploited, the threat actors will be able to travel throughout the network with SYSTEM access.
- The issue was initially detected in the Patch Tuesday for October 2021.
Researchers have uncovered a new attack that is a Windows vulnerability. Cybersecurity has gone a long way.
The new attack takes use of local privileges to provide administrators access to versions of Windows 10, Windows 11, and Windows Server.
Once a Standard user account has been given access, it has the ability to be elevated to SYSTEM user rights and travel throughout the network.
The flaw was identified in the October 2021 Patch Tuesday and corrected in the November 2021 Patch Tuesday, according to reports. There was a workaround that uncovered a more powerful privilege flaw and exploited it.
a demonstration of the concept
Abdelhamid Naceri of Trend Micro released a successful proof-of-concept (PoC) exploit for the new zero-day, claiming that it works on all supported versions of Windows.
“During the examination of the CVE-2021-41379 fix, this variant was uncovered. However, instead of removing the bypass, the problem was not corrected appropriately. This version has been dropped since it is more potent than the original.”
The PoC is “very reliable,” according to Naceri. He put it through its paces in a variety of scenarios and Windows versions, and it passed each time.
He goes on to say that the proof-of-concept also works in a Windows server environment. This is unusual since it prevents ordinary people from running MSI installers.
“Due to the intricacy of this issue, the best remedy available at the time of writing this is to wait [for] Microsoft to release a security fix.” Any effort to directly patch the binaries will cause [the] windows installation to fail.”
What are your thoughts on this latest exploit? Let us know what you think in the comments area.
Was this page of assistance to you?
Thank you very much!
There are insufficient details It’s difficult to comprehend Other Speak with a Professional
Start a discussion.