New Windows zero-day with public exploit lets you become an admin

securitybreach:

--- Quote ---A security researcher has publicly disclosed an exploit for a new Windows zero-day local privilege elevation vulnerability that gives admin privileges in Windows 10, Windows 11, and Windows Server.

BleepingComputer has tested the exploit and used it to open a command prompt with SYSTEM privileges from an account with only low-level 'Standard' privileges.

Using this vulnerability, threat actors with limited access to a compromised device can easily elevate their privileges to help spread laterally within the network.

The vulnerability affects all supported versions of Windows, including Windows 10, Windows 11, and Windows Server 2022....

However, Naceri warned that it is not advised to try and fix the vulnerability by attempting to patch the binary as it will likely break the installer.

"The best workaround available at the time of writing this is to wait Microsoft to release a security patch, due to the complexity of this vulnerability," explained Naceri.

"Any attempt to patch the binary directly will break windows installer. So you better wait and see how Microsoft will screw the patch again."
--- End quote ---

https://www.bleepingcomputer.com/news/microsoft/new-windows-zero-day-with-public-exploit-lets-you-become-an-admin/

Corrine:

--- Quote ---"The best workaround available at the time of writing this is to wait Microsoft to release a security patch, due to the complexity of this vulnerability," explained Naceri.
--- End quote ---

Plus, practice safe computing.  Due to the upcoming Thanksgiving holiday, I have the feeling we won't see an "Out of Band" update and may have to wait until December 14th (the next "Patch Tuesday").

securitybreach:
Yeah, unfortunately I think you are correct about that.

Digerati:

--- Quote ---When BleepingComputer asked Naceri why he publicly disclosed the zero-day vulnerability, we were told he did it out of frustration over Microsoft's decreasing payouts in their bug bounty program.
--- End quote ---

So in other words, the crybaby disclosed the zero-day vulnerability totally out of greed because his reward would only be $1,000 instead of the $10,000 he thought he deserved.  >:(

What a brat.

Let's not forget how this particular vulnerability may be exploited. The bad guy must have "limited access to a compromised device". That is, the bad guy must have physical access to the machine. How likely is that to happen and go unnoticed?

And then he or she must somehow be able to log into that Standard account. How? With the username "standard" and password, "12345678"?  It is not like a hacker in N. Korea or Iran can suddenly gain admin privileges on our systems with a couple clicks of his mouse.

"Security researcher"? Yeah right! He's a hacker. And not a white hat hacker either.





xrobwx71:
I would be more worried about slack remote connection policies. This would give an antagonist physical access as if they were there. They could also do it undetected if other vulnerabilities were present, e.g., SSH, RDP, etc.
