This dangerous Windows zero-day lets you instantly become an admin

Bypassing the patch to a less severe bug led the researcher to the more severe vulnerability

Cybersecurity researchers have publicly disclosed an exploit for a new Windows zero-day local privilege elevation vulnerability that gives admin privileges in Windows 10, Windows 11, and Windows Server releases.

Exploiting this bug, threat actors with access to a limited Standard user account on a vulnerable Windows installation can elevate to SYSTEM user privileges, and then move laterally within the network.

Abdelhamid Naceri, working with Trend Micro’s Zero Day Initiative, had originally discovered the original vulnerability, which Microsoft had fixed as part of the November 2021 Patch Tuesday. However, examination of Microsoft’s patch led Naceri to discover a bypass that led to the more powerful new privilege elevation vulnerability.

Powerful PoC

Naceri has published a working proof-of-concept (PoC) exploit for the new zero-day, saying that it works on all supported versions of Windows.

“This variant was discovered during the analysis of CVE-2021-41379 patch. the bug was not fixed correctly, however, instead of dropping the bypass. I have chosen to actually drop this variant as it is more powerful than the original one,” wrote Naceri.

Naceri claims that his PoC is “extremely reliable,” and that he has tested it in multiple conditions and Windows variants and found that it works on every attempt. Furthermore, he explains that the PoC works even on Windows Server installations, which by default don’t allow standard users to perform MSI installer operations.

“The best workaround available at the time of writing this is to wait [for] Microsoft to release a security patch, due to the complexity of this vulnerability. Any attempt to patch the binary directly will break [the] windows installer,” suggests Naceri.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
