Failing to do so can result in leaks of confidential and valuable data that can have severe repercussions for individuals, as well as for enterprises. Tuesday, everyone was shocked to learn about two new vulnerabilities, one in Windows and the other in Linux, that can allow hackers to bypass OS security restrictions and access sensitive resources.
New Windows 11 vulnerability could lead to serious breaches
This critical Windows vulnerability was discovered by accident a few days ago when a researcher noticed what he believed was a coding regression in a beta version of the upcoming Windows 11. He also found that the contents of the security account manager (SAM), which is the database that stores user accounts and security descriptors for users on the local computer, could be read by users with limited system privileges. To give you a better understanding, we all know that, as operating systems and applications become harder to break into, successful attacks require two or more vulnerabilities to be exploited. I dont know the full extent of the issue yet, but its too many to not be a problem I think. pic.twitter.com/kl8gQ1FjFt — Jonas L (@jonasLyk) July 19, 2021 To be a bit more precise, one of the vulnerabilities will allow malicious third parties to access low-privileged OS resources, where code can be executed or private data can be read. The second vulnerability takes the process to a whole new level, granting access to system resources reserved for password storage or other sensitive operations.
How exactly does this issue allow attackers to infiltrate our systems?
The above-mentioned issue made it possible for third parties to extract cryptographically protected password data. -CVE-2021-36934 can be used to gain admin access for Windows 10 v1809 versions and later-No patches available yet-PoC and some logging tips availablehttps://t.co/x7rXAyByqy pic.twitter.com/EEtvRBLbU3 — Catalin Cimpanu (@campuscodi) July 21, 2021 Also, they could discover the password we used to install Windows, get their hands on the computer keys for the Windows data protection API, which can be used to decrypt private encryption keys. SPONSORED Another action that cyber attackers could perform while exploring this vulnerability is the creation of accounts on the targeted device. As you can imagine, the result is that the local user can elevate privileges all the way to System, the highest level in Windows.
This is now a new vulnerability and was present even on Windows 10
Users that took notice of these posts and responded, also pointed out that this behavior wasn’t a regression introduced in Windows 11, as initially thought. A: Local Privilege Escalation 🥳 Thank you @jonasLyk for this Read access on default Windows😘 pic.twitter.com/6Y8kGmdCsp — 🥝 Benjamin Delpy (@gentilkiwi) July 20, 2021 Allegedly, the same vulnerability that has Windows 11 users on the edge of their seats was present even in the latest version of Windows 10. Thus, the US Computer Emergency Readiness Team stated that this issue is manifesting when the Volume Shadow Copy Service, the Windows feature that allows the OS or applications to take snapshots of an entire disk without locking the filesystem, is turned on. What’s even worse, is that currently, there is no patch available, so there is no way of telling when this problem will actually be fixed. Microsoft company officials are investigating the vulnerability and will take action as needed. The vulnerability is being tracked as CVE-2021-36934, as Microsoft said that exploits in the wild are more likely. Are you taking extra precautions in order to avoid becoming a victim of cyber-attacks? Share your thoughts with us in the comments section below. Terribly badly coded PoC included. https://t.co/PX1fOGpzbf — Kevin Beaumont (@GossiTheDog) July 20, 2021
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ
