Zero-day vulnerability with privilege escalation affecting Windows devices

A security researcher has recently disclosed an exploit for a Windows zero-day vulnerability. The exploit provides admin privileges on Windows 10, Windows 11 and Windows Server devices.

When the exploit was tested, it did open command prompts with elevated privileges. Threat actors can use this vulnerability to gain elevated privileges on any Windows-based device, and then build on that access to distribute payloads laterally within the infected network.

Patch for the zero-day vulnerability was bypassed by a researcher

In November 2021, Microsoft fixed the vulnerability as part of its monthly Patch Tuesday schedule. However, the fix was not complete. A security researcher, Abdelhamid Naceri, was able to bypass the latest patch and execute a zero-day privilege elevation on a Windows device, and he also shared the PoC for it.

If you are thinking of disabling the MSI installer for your users, the zero-day vulnerability bypasses this as well. The researcher conducted the test on Windows 10 21H1 build 19043.1348. Naceri could have disclosed the exploit to Microsoft, but it seems he isn’t happy about the bug bounty rewards and thus went ahead and made it public.

Workaround for this zero-day vulnerability

According to the researcher, ‘The best workaround available at the time of writing this is to wait for Microsoft to release a security patch, due to the complexity of this vulnerability. Any attempt to patch the binary directly will break the Windows Installer. So you better wait and see how Microsoft will screw the patch again.’

We can wait for Microsoft to fix the zero-day in the next Patch Tuesday release and then deploy that patch as, hopefully, a permanent fix.

William Marshal

William has been one of the key contributors to 'The Cybersecurity Times', with 9.5 years of experience in cybersecurity journalism. Apart from writing, he also likes hiking, skating and coding.
