Home » Breaking Computer security Cyber Security Device security Latest Cybersecurity News Windows security

Zero-day vulnerability with privilege escalation affecting Windows devices

William Marshal Posted On November 24, 2021
0


Zero-day vulnerability

An exploit has been recently disclosed by a security researchers for a Windows based zero-day vulnerability. This is a zero-day exploit that provides admin privileges to Windows 10, Windows 11 and Windows Server devices.

When testing the exploit, the vulnerability did help in opening command prompts with increased privilege. Cyber threat actors can employ this vulnerability to gain access to elevated privileges in any Windows based device, and then can further work on the same to distribute payloads laterally within the infected network.

Zero-day vulnerability was bypassed by a researcher

In the month of November 2021, Microsoft fixed the vulnerability during their monthly Patch Tuesday schedule. However, unfortunately the exploit isn’t completely fixed. A security researcher named Abdelhamid Naceri, was able to bypass the latest patch and execute a zero-day privilege elevation in a Windows device and also shared the PoC for the same.

If you guys by any chance thinking to disable the MSI installer for your users, the zero-day vulnerability will bypass this as well. The researcher conducted the test on Windows 10 21H1 build 19043.1348. Naceri could have disclosed the exploit to Microsoft, but it seems he isn’t happy about the bug bounty rewards and thus went ahead and made it public.

Workaround for this zero-day vulnerability

According to the researcher ‘The best workaround available at the time of writing this is to wait for Microsoft to release a security patch, due to the complexity of this vulnerability. Any attempt to patch the binary directly will break the windows installer. So you better wait and see how Microsoft will screw the patch again’.

We can wait for Microsoft to fix the zero-day in next Patch Tuesday and deploy that patch for permanent fix hopefully.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, Instagram, Twitter and Reddit.

You can reach out to us via Twitter or Facebook, for any advertising requests.

Share the article with your friends




Author

William Marshal

William has been one of the key contributors to 'The Cybersecurity Times' with 9.5 years of experience in the cybersecurity journalism. Apart from writing, he also like hiking, skating and coding.

You may also like
Barracuda Zero-Day Vulnerability exploits data since 2022
May 31, 2023
Leave A Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.