Category: Microsoft|Jul 23, 2021 | Author: Admin

Newly spotted Windows 10 and 11 vulnerability lets any user have admin privileges

Share on

Windows 11 preview testers have discovered an early security bug, one that seems to have carried over from Windows 10. This new Windows 10 and Windows 11 vulnerability creates a path for any local user to gain admin privileges.

As reported by Bleeping Computer, some Windows 10 and Windows 11 registry files are accessible by the ‘Users’ group, allowing anyone to extract the hashed credentials of admin accounts and use them to gain admin privileges.

 

The registry files we are talking about are stored in the C:\Windows\system32\config folder. There you will find the ‘SYSTEM’, ‘SECURITY’, ‘SAM’, ‘DEFAULT’, and ‘SOFTWARE’ files, which contain sensitive information that should not be accessible to low-level accounts. Unfortunately, that’s not the case.

 

To check the file permissions on this file, open the command prompt, and write “icacls C:\Windows\system32\config\’name of the file'”. After pressing enter, the command prompt will show you the file permissions.

 

When Windows is running, these files are in use, meaning unwanted guests won’t be allowed to access it. However, these files may be backed up by Windows shadow volume copies, which are accessible.

 

Microsoft has confirmed the vulnerability and plans to release a fix soon, although a community-generated fix has already been found. To fix the problem yourself, you’ll want to open up a command prompt as an administrator and execute the following command: “icacls %windir%\system32\config\*.* /inheritance:e”. If you have any shadow volume copies that were made before running the command, delete them.

Sponsored Ads:

Comments:


All versions of Windows are exposed

Category: Microsoft|Sep 25, 2021 | Author: Admin

Android's underappreciated upgrade advantage

Category: Google|Sep 24, 2021 | Author: Admin

No Electricity? A New Cooling System Uses Sunlight and Saltwater

Category: General|Sep 23, 2021 | Author: Admin

Slack begins rolling out video and audio message ‘clips’

Category: General|Sep 22, 2021 | Author: Admin

Roku's free OS 10.5 lets you dictate passwords, fixes pesky sound lags on headphones

Category: IT|Sep 21, 2021 | Author: Admin

Some good news and some strange news from Apple

Category: Apple|Sep 20, 2021 | Author: Admin

New Windows security updates break network printing

Category: Microsoft|Sep 19, 2021 | Author: Admin

Sent 700tb over 4 km of laser technology

Category: IT|Sep 18, 2021 | Author: Admin

'Massive' transatlantic data cable landed on beach in Bude

Category: Google|Sep 17, 2021 | Author: Admin

YouTube shuts down Discord music bot ‘Rythm’

Category: Google|Sep 16, 2021 | Author: Admin

Facebook's secret rules differentiate between the "elite" and most people

Category: General|Sep 15, 2021 | Author: Admin

Apple suddenly had to crisis-update the iPhone and Mac

Category: Apple|Sep 14, 2021 | Author: Admin

Epic is blocked forever on all Apple platforms

Category: Apple|Sep 13, 2021 | Author: Admin

NVIDIA To Launch GeForce RTX 30 SUPER ‘Ampere Refresh’ In January 2022, GeForce RTX 40 ‘Ada Lovelace’ GPUs in October 2022

Category: General|Sep 12, 2021 | Author: Admin

3 smart shortcuts for a curiously hidden Chrome OS command

Category: Google|Sep 11, 2021 | Author: Admin
more