• Latest
  • Trending
Researcher drops instant admin Windows zero-day bug

Researcher drops instant admin Windows zero-day bug

November 25, 2021
Apple is reportedly testing iPhones with USB-C

Apple is reportedly testing iPhones with USB-C

May 16, 2022
Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

May 16, 2022
AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU

AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU

May 16, 2022
GrAI Matter Labs Unveils sparsity-native AI SoC

GrAI Matter Labs Unveils sparsity-native AI SoC

May 16, 2022
Tecnotree Launches a Transformation Suite for MTN Ghana

Tecnotree Launches a Transformation Suite for MTN Ghana

May 16, 2022
Ghana with Moringa School and Brighter Investment to promote digital skills for jobs

Ghana with Moringa School and Brighter Investment to promote digital skills for jobs

May 16, 2022
SA Obscure Technologies announces strategic alliance with DNSSense

SA Obscure Technologies announces strategic alliance with DNSSense

May 16, 2022
SLVA Cybersecurity to provide crucial new API security solutions

SLVA Cybersecurity to provide crucial new API security solutions

May 16, 2022
Samsung PRO Endurance Up to 256GB microSD Memory Card

Samsung PRO Endurance Up to 256GB microSD Memory Card

May 16, 2022
Apacer AS2280Q4U M.2 PCIe Gen4 x4 NVMe 1.4 for PS5

Apacer AS2280Q4U M.2 PCIe Gen4 x4 NVMe 1.4 for PS5

May 16, 2022
ProGrade Digital SDXC UHS-II V90 512GB U3 Memory Card

ProGrade Digital SDXC UHS-II V90 512GB U3 Memory Card

May 16, 2022
Team Group T-Force Vulcan Z SATA 2.5-Inch With 3D TLC Flash

Team Group T-Force Vulcan Z SATA 2.5-Inch With 3D TLC Flash

May 16, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Monday, 16 May, 2022
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

Researcher drops instant admin Windows zero-day bug

by ITECHNEWS
November 25, 2021
in Opinion
0 0
0
Researcher drops instant admin Windows zero-day bug

A newly-disclosed zero-day vulnerability in Windows could potentially allow local users to elevate their permissions to administrator status, and Microsoft has yet to post a fix.

A security researcher posted details on an elevation of privilege flaw in Microsoft Windows that could allow an attacker to gain administrator rights. 

YOU MAY ALSO LIKE

How to Eliminate Certificate Misconfiguration in Kubernetes

Types of Encryption Algorithms

Abdelhamid Naceri told SearchSecurity he did not notify Microsoft before posting the proof of concept Sunday for a flaw, which is related to a vulnerability Microsoft had previously attempted to address. The CVE-2021-41379 privilege escalation vulnerability in Windows Installer was supposed to have been fixed with the November Patch Tuesday update.

Naceri, however, found that the patch does not fully close up the vulnerability, and an attacker who had an end user account would still be able to exploit it and gain administrator rights on even fully-patched Windows and Windows Server machines.

“The best workaround available at the time of writing this is to wait Microsoft to release a security patch, due to the complexity of this vulnerability,” Naceri said in his write-up of the exploit. “Any attempt to patch the binary directly will break Windows Installer.”

Naceri said he found a second Windows Installer vulnerability as well, but is holding off on disclosure until this bug can be patched.

One possible bit of good news for enterprise security teams is that Naceri said he does not believe his exploit could be chained with other flaws to create something on the scale of a remote takeover attack, so for now the vulnerability would require the attacker to already have a local user account on the targeted machine. However, getting that access could be as simple as phishing an end user for their account credentials.

The disclosure will be a particularly unwelcome bit of news for administrators in the U.S., where many companies are planning to take a short week for the November 25th Thanksgiving holiday. CISA this week published an advisory reminding critical infrastructure organizations that several ransomware attacks this have taken place around holiday weekends, such the attack on Kaseya and its managed service provider customers.

“We are aware of the disclosure and will do what is necessary to keep our customers safe and protected,” A Microsoft spokesperson told SearchSecurity. “An attacker using the methods described must already have access and the ability to run code on a target victim’s machine.”

According to Cisco Talos, which posted a set of Snort rules to help guard against exploitation, the vulnerability is already being targeted in the wild.

“The code Naceri released leverages the discretionary access control list (DACL) for Microsoft Edge Elevation Service to replace any executable file on the system with an MSI file, allowing an attacker to run code as an administrator,” explained Cisco Talos technical leader Jaeson Schultz.

“Although Microsoft initially scored this as a medium- severity vulnerability, having a base CVSS score of 5.5, and a temporal score of 4.8, the release of functional proof-of-concept exploit code will certainly drive additional abuse of this vulnerability.”

Source: Cisco Talos

ShareTweetShare

Get real time update about this post categories directly on your device, subscribe now.

Unsubscribe

Search

No Result
View All Result

Recent News

Apple is reportedly testing iPhones with USB-C

Apple is reportedly testing iPhones with USB-C

May 16, 2022
Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

May 16, 2022
AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU

AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU

May 16, 2022

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Apple is reportedly testing iPhones with USB-C

Apple is reportedly testing iPhones with USB-C

May 16, 2022
Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

May 16, 2022

Recent News

  • Apple is reportedly testing iPhones with USB-C May 16, 2022
  • Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC May 16, 2022
  • AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU May 16, 2022
  • GrAI Matter Labs Unveils sparsity-native AI SoC May 16, 2022
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
Go to mobile version