www.fudzilla.com
194.36.44.31
Public Scan
URL:
https://www.fudzilla.com/news/53930-windows-zero-day-makes-you-an-admin
Submission: On November 25 via api from US — Scanned from DE
Form analysis
1 forms found in the DOM
POST /news
<form class="form-search" action="/news" method="post">
<div class="search">
<label for="mod-search-searchword">Search ...</label><input name="searchword" id="mod-search-searchword" maxlength="200" class="input" type="text" size="20" placeholder="Search ...">
<input type="hidden" name="task" value="search">
<input type="hidden" name="option" value="com_search">
<input type="hidden" name="Itemid" value="498">
</div>
</form>
Text Content
Published in News

WINDOWS ZERO-DAY MAKES YOU AN ADMIN

by Nick Farrell on 24 November 2021

It's good to be the King

A security researcher has publicly disclosed an exploit for a new Windows zero-day local privilege elevation vulnerability that turns a hacker into an admin.

The exploit works in Windows 10, Windows 11, and Windows Server; the underlying vulnerability was supposed to have been fixed in the November 2021 Patch Tuesday.

Vole's 'Windows Installer Elevation of Privilege Vulnerability' is tracked as CVE-2021-41379 and was spotted by security researcher Abdelhamid Naceri.

But Naceri found a bypass to the patch and a more powerful new zero-day privilege elevation vulnerability after examining Microsoft's fix. He published a working proof-of-concept exploit for the new zero-day on GitHub, explaining that it works on all supported versions of Windows.

"This variant was discovered during the analysis of CVE-2021-41379 patch. The bug was not fixed correctly, however, instead of dropping the bypass. I have chosen to actually drop this variant as it is more powerful than the original one."

Naceri explained that while it is possible to configure group policies to prevent 'Standard' users from performing MSI installer operations, his zero-day bypasses this policy and will work anyway.

His 'InstallerFileTakeOver' exploit took only a few seconds to gain SYSTEM privileges from a test account with 'Standard' privileges.

Naceri said he is hacked off with Vole over its decreasing payouts in their bug bounty programme so he is releasing the exploit.

He recommends users wait for Microsoft to release a security patch, as attempting to patch the binary will likely break the installer.

We guess that they will be rushing to do this a little quicker.

A Microsoft spokesperson said in a statement: "We are aware of the disclosure and will do what is necessary to keep our customers safe and protected. An attacker using the methods described must already have access and the ability to run code on a target victim's machine."

Last modified on 24 November 2021

Tagged under: windows zeroday