This flaw in Windows allows you to take control of any computer!

We know that it is essential to apply the latest Windows security updates, but sometimes the cure is worse than the evil. This is precisely the case with the last November security update identified as CVE-2021-41379 coming to correct a security flaw. The latter could increase the privileges of an account in order to take control of a computer powered by Windows 10, Windows 11 and Server. But Abdelhamid Naceri, a cybersecurity researcher realized that with the fix for this vulnerability, it is now possible to obtain more privileges than on the original update.

By bypassing it, it is thus possible to open the command prompt with the highest level of privileges, even on a computer whose account is restricted in so-called “Standard” mode. This mode does not normally allow the user to install anything for security.

Big reduction of the bug bounty at Microsoft

The site BleepingComputer tested the malware InstallFileTakeOver deployed by the researcher, and it actually only took a few seconds to gain full privileges on a computer whose account was set to Standard mode. More than the discovery of this zero-day vulnerability, there is the manner in which it was disclosed. Contrary to practice, the researcher decided to broadcast publicly his discovery and his method. He justified his gesture in reaction to the drastic reduction in premiums, otherwise known as ” bug bounty ”, given to ethical hackers and which was applied by Microsoft in April 2020. In the meantime, despite the disclosure of this flaw, Microsoft has not yet released a patch.