
This dangerous Windows zero-day lets you instantly become an admin

by Aashish Sehrawat
November 24, 2021
in Gaming, Popular, Tech

Image: securityaffairs

An exploit for a new Windows zero-day local privilege elevation vulnerability that grants admin rights in Windows 10, Windows 11, and Windows Server has been publicly revealed by a security researcher.

BleepingComputer tested the vulnerability and used it to open a command prompt with SYSTEM privileges from a user account with only ‘Standard’ privileges.

Threat actors with limited access to a compromised device might simply elevate their privileges to help spread laterally within the network by exploiting this vulnerability.

All supported versions of Windows, including Windows 10, Windows 11, and Windows Server 2022, are vulnerable.

Microsoft addressed CVE-2021-41379, a ‘Windows Installer Elevation of Privilege Issue’ vulnerability, as part of the November 2021 Patch Tuesday.

After reviewing Microsoft’s update, security researcher Abdelhamid Naceri uncovered a bypass to the patch as well as a more potent new zero-day privilege escalation issue.

Naceri posted a successful proof-of-concept exploit for the new zero-day on GitHub yesterday, claiming that it works on all supported Windows versions.

“This variant was discovered during the analysis of CVE-2021-41379 patch. The bug was not fixed correctly, however, instead of dropping the bypass,” explains Naceri in his writeup. “I have chosen to actually drop this variant as it is more powerful than the original one.”

Furthermore, while group policies can be configured to block ‘Standard’ users from executing MSI installation operations, Naceri’s zero-day exploit bypasses this policy and still works.

The ‘InstallerFileTakeOver’ exploit was tested by BleepingComputer, and it only took a few seconds to get SYSTEM privileges from a test account with ‘Standard’ privileges, as shown in the video below.

The test was run on a fresh installation of Windows 10 21H1 build 19043.1348.

When we asked Naceri why he publicly disclosed the zero-day vulnerability, he said it was due to his unhappiness with the declining payouts of Microsoft’s bug bounty program.

“Microsoft bounties has been trashed since April 2020, I really wouldn’t do that if MSFT didn’t take the decision to downgrade those bounties,” explained Naceri.

Naceri isn’t alone in his dissatisfaction with what researchers believe is a decrease in bug bounty rewards.

https://twitter.com/MalwareTechBlog/status/1287848085243060224

BE CAREFUL! Microsoft will reduce your bounty at any time! This is a Hyper-V RCE vulnerability be able to trigger from a Guest Machine, but it is just eligible for a $5000.00 bounty award under the Windows Insider Preview Bounty Program. Unfair! @msftsecresponse
@msftsecurity pic.twitter.com/sJw3cjsliF

— rthhh (@rthhh17) November 9, 2021

“We are aware of the disclosure and will do what is necessary to keep our customers safe and protected. An attacker using the methods described must already have access and the ability to run code on a target victim’s machine.” – a Microsoft spokesperson.

Microsoft will most likely remedy the vulnerability in an upcoming Patch Tuesday release, as is customary with zero days.

However, according to Naceri, third-party patching businesses should avoid trying to fix the vulnerability by patching the binaries, because this will most likely disrupt the installation.
