A new vulnerability allows attackers to gain admin rights in Windows 11 and 10

Security researcher Abdelhamid Naceri has discovered a new zero-day vulnerability that allows a person to gain SYSTEM privileges in a matter of seconds. The vulnerability is known to affect all supported versions of Windows, including Windows 10, Windows 11, and Windows Server.

Monitor Hardware Banner Binary

The published script launches the command prompt with SYSTEM privileges from a user account with standard privileges.

Microsoft has fixed CVE-2021-41379 with the November 2021 hotfix, a Windows Installer privilege escalation vulnerability that Naceri also discovered.

Naceri discovered a new exploit version while analyzing CVE-2021-41379, noting that the original issue had not been fixed correctly. He chose not to publish a workaround for the fix that Microsoft released, stating that the new version he posted was more powerful than the original.

Abdelhamid Naceri has released public information about the vulnerability due to frustration with the Microsoft Bug Bounty program. The fact is that in April 2020, Microsoft reduced the amount of rewards for discovered vulnerabilities in its products. For example, the company used to pay about $ 10,000 for a zero-day vulnerability, while now the remuneration is only $ 1,000.

To test the exploit, BleepingComputer launched the script on Windows 10 version 21H1 (build 19043.1348), and confirmed that it does its work successfully.

Naceri also explained that Windows includes group policies to prevent 'Standard' users from performing MSI installer operations, but his exploit bypasses this policy and remains fully functional.

Microsoft is aware of the public disclosure for this vulnerability. The company is expected to release a fix for it as soon as possible.

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:

If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!

Advertisment

Author: Sergey Tkachenko

Sergey Tkachenko is a software developer from Russia who started Winaero back in 2011. On this blog, Sergey is writing about everything connected to Microsoft, Windows and popular software. Follow him on Telegram, Twitter, and YouTube.

One thought on “A new vulnerability allows attackers to gain admin rights in Windows 11 and 10”

Leave a Reply

Your email address will not be published. Required fields are marked *