They discover a zero day exploit that allows you to acquire administrator privileges on Windows 10 computers

Despite Microsoft's efforts to convert its operating system into a secure environment, the truth is that threats appear almost periodically that jeopardize the development of the American company. And that's what a researcher has discovered by revealing a exploit that allows you to gain administrator permissions

A new security hole that can make it easier for an attacker to gain administrator privileges and that affects both Windows 10 and Windows 11 and Windows Server 2022 . A zero-day vulnerability that leaves a computer fully exposed.

No solution for now

Exploit discovered. Github Image

This is a security breach discovered by researcher Abdelhamid Naceri, who found a zero-day elevation of privilege vulnerability that managed to bypass the patch released by Microsoft in Patch Tuesday released in November as CVE-2021-41379.

The vulnerability affects all supported versions of Windows, including Windows 10, Windows 11, and Windows Server 2022 and Patch CVE-2021-41379 has not been fixedIf an attacker takes advantage of it, they can gain administrator access to a computer.

In fact, from BleepingComputer they affirm that they have tested the operation of the exploit (InstallerFileTakeOver) and they have managed to open the command prompt with administrator privilegesfrom an account with standard privileges on a machine with Build 19043.Windows 10 1348 21H1.

To demonstrate how it works, Abdelhamid Naceri posted details of how the exploit works on GitHub, explaining that works on all supported versions of WindowsIncidentally it explains that although group policies can be configured to prevent unprivileged users from performing operations with MSI files, this exploit renders this measure useless.

The reason why Abdelhamid Naceri is due to frustration with Microsoft's falling payments in the rewards program for find errors.

Hopefully Microsoft will fix this zero-day vulnerability in a future Patch Tuesday update. For now, the discoverer advises that it is not advisable to attempt to fix the vulnerability by patching thebinary, as it will likely break the installer.

Via | Bleeping Computer More information | GitHub