Introduced in the latest patch for a security breach, a new zero-day vulnerability allows an attacker to regain the highest privileges on Windows 10 and Windows 11.
You will also be interested
[EN VIDÉO] What is a cyberattack? With the development of the Internet and the cloud, cyber attacks are more and more frequent and sophisticated. Who is behind these attacks and for what purpose? What are the methods of hackers and what are the most massive cyber attacks?
We know that it is essential to apply the latest Windows security updates, but sometimes the cure is worse than the evil. This is precisely the case with the last November security update identified as CVE-2021-41379 coming to correct a security flaw. The latter could increase the privileges of an account in order to take control of a computer powered by Windows 10, Windows 11 and Server. But Abdelhamid Naceri, a cybersecurity researcher realized that with the fix for this vulnerability, it is now possible to obtain more privileges than on the original update.
By bypassing it, it is thus possible to open the command prompt with the highest level of privileges, even on a computer whose account is restricted in so-called “Standard” mode. This mode does not normally allow the user to install anything for security.
Big reduction of the bug bounty at Microsoft
The site BleepingComputer tested the malware InstallFileTakeOver deployed by the researcher, and it actually only took a few seconds to gain full privileges on a computer whose account was set to Standard mode. More than the discovery of this zero-day vulnerability, there is the manner in which it was disclosed. Contrary to practice, the researcher decided to broadcast publicly his discovery and his method. He justified his gesture in reaction to the drastic reduction in premiums, otherwise known as ” bug bounty ”, given to ethical hackers and which was applied by Microsoft in April 2020. In the meantime, despite the disclosure of this flaw, Microsoft has not yet released a patch.
Interested in what you just read?
.
fs1