Category: Microsoft|Jul 23, 2021 | Author: Admin

Newly spotted Windows 10 and 11 vulnerability lets any user have admin privileges

Share on

Windows 11 preview testers have discovered an early security bug, one that seems to have carried over from Windows 10. This new Windows 10 and Windows 11 vulnerability creates a path for any local user to gain admin privileges.

As reported by Bleeping Computer, some Windows 10 and Windows 11 registry files are accessible by the ‘Users’ group, allowing anyone to extract the hashed credentials of admin accounts and use them to gain admin privileges.

 

The registry files we are talking about are stored in the C:\Windows\system32\config folder. There you will find the ‘SYSTEM’, ‘SECURITY’, ‘SAM’, ‘DEFAULT’, and ‘SOFTWARE’ files, which contain sensitive information that should not be accessible to low-level accounts. Unfortunately, that’s not the case.

 

To check the file permissions on this file, open the command prompt, and write “icacls C:\Windows\system32\config\’name of the file'”. After pressing enter, the command prompt will show you the file permissions.

 

When Windows is running, these files are in use, meaning unwanted guests won’t be allowed to access it. However, these files may be backed up by Windows shadow volume copies, which are accessible.

 

Microsoft has confirmed the vulnerability and plans to release a fix soon, although a community-generated fix has already been found. To fix the problem yourself, you’ll want to open up a command prompt as an administrator and execute the following command: “icacls %windir%\system32\config\*.* /inheritance:e”. If you have any shadow volume copies that were made before running the command, delete them.

Sponsored Ads:

Comments:


Microsoft confirms big Windows 11 reveal for gamers

Category: Microsoft|Feb 27, 2024 | Author: Admin

Security company sold users' browser activity

Category: Microsoft|Feb 26, 2024 | Author: Admin

Are you also tired of reboots?

Category: Microsoft|Feb 25, 2024 | Author: Admin

Apple officially unbans Epic Games iOS developer account

Category: Apple|Feb 24, 2024 | Author: Admin

Google Pauses Gemini AI Image Generator After It Created Inaccurate Historical Pictures

Category: Google|Feb 23, 2024 | Author: Admin

We never thought it would happen

Category: IT|Feb 22, 2024 | Author: Admin

It's finally over and the victims can rejoice

Category: IT|Feb 21, 2024 | Author: Admin

Accusing Intel of cheating

Category: IT|Feb 20, 2024 | Author: Admin

It was probably China that forced Apple

Category: Apple|Feb 19, 2024 | Author: Admin

It looks like Spotify is getting its revenge on Apple

Category: General|Feb 18, 2024 | Author: Admin

This changes everything

Category: IT|Feb 17, 2024 | Author: Admin

This is how Apple defends its new iPhone limitation

Category: Apple|Feb 16, 2024 | Author: Admin

Windows 11 will get this this month

Category: Microsoft|Feb 15, 2024 | Author: Admin

Watch out, they're shutting down on pc

Category: General|Feb 14, 2024 | Author: Admin

After 20 years, Apple's mistakes still haven't been fixed

Category: Apple|Feb 13, 2024 | Author: Admin
more