Category: Microsoft|Jul 23, 2021 | Author: Admin

Newly spotted Windows 10 and 11 vulnerability lets any user have admin privileges

Share on

Windows 11 preview testers have discovered an early security bug, one that seems to have carried over from Windows 10. This new Windows 10 and Windows 11 vulnerability creates a path for any local user to gain admin privileges.

As reported by Bleeping Computer, some Windows 10 and Windows 11 registry files are accessible by the ‘Users’ group, allowing anyone to extract the hashed credentials of admin accounts and use them to gain admin privileges.

 

The registry files we are talking about are stored in the C:\Windows\system32\config folder. There you will find the ‘SYSTEM’, ‘SECURITY’, ‘SAM’, ‘DEFAULT’, and ‘SOFTWARE’ files, which contain sensitive information that should not be accessible to low-level accounts. Unfortunately, that’s not the case.

 

To check the file permissions on this file, open the command prompt, and write “icacls C:\Windows\system32\config\’name of the file'”. After pressing enter, the command prompt will show you the file permissions.

 

When Windows is running, these files are in use, meaning unwanted guests won’t be allowed to access it. However, these files may be backed up by Windows shadow volume copies, which are accessible.

 

Microsoft has confirmed the vulnerability and plans to release a fix soon, although a community-generated fix has already been found. To fix the problem yourself, you’ll want to open up a command prompt as an administrator and execute the following command: “icacls %windir%\system32\config\*.* /inheritance:e”. If you have any shadow volume copies that were made before running the command, delete them.

Sponsored Ads:

Comments:


Now everyone can test the new from Apple!

Category: Apple|Jul 16, 2024 | Author: Admin

Google reportedly is close to buying cybersecurity company Wiz for $23 billion

Category: Google|Jul 15, 2024 | Author: Admin

OpenAI whistleblowers ask SEC to investigate alleged restrictive non-disclosure agreements

Category: IT|Jul 14, 2024 | Author: Admin

Norwegian Vivaldi reaches out to Google

Category: IT|Jul 13, 2024 | Author: Admin

Soon, Apple fans may flee Google, and the other way around

Category: IT|Jul 12, 2024 | Author: Admin

Apple's iPhone change is fantastic for Norwegians - Vipps rejoices

Category: Apple|Jul 11, 2024 | Author: Admin

iPhone gets it five years after Android

Category: Google|Jul 10, 2024 | Author: Admin

This cannot continue - COMMENT

Category: IT|Jul 9, 2024 | Author: Admin

Major camera improvements in free update

Category: IT|Jul 8, 2024 | Author: Admin

The beginning of the end for Blu-ray

Category: IT|Jul 7, 2024 | Author: Admin

"We have won the battle against floppy disks!"

Category: IT|Jul 6, 2024 | Author: Admin

33 million mobile numbers leaked

Category: IT|Jul 5, 2024 | Author: Admin

This is great iPhone 16 news

Category: Apple|Jul 4, 2024 | Author: Admin

Pixel gets exclusive "Google AI"

Category: Google|Jul 3, 2024 | Author: Admin

Who shops them?

Category: IT|Jul 2, 2024 | Author: Admin
more