The security researcher Jonas Lykkegaard has found a new vulnerability that affects Windows 10 and Windows 11. The issue allows the registry files and their databases to be accessible to the "Users" group, which does not have elevated privileges on a device.
This means that a regular user, without Administrator privileges, can access files containing sensitive information for all accounts on the system. This is especially problematic in the case of the registry files associated with the Security Accounts Manager (SAM), the database that stores the encrypted user passwords.
The flaw can be exploited by any type of user to gain Administrator privileges
This is a big problem, since any attacker, even with limited privileges, can extract the NTLM-hashed passwords for all accounts on a device and use those hashes in pass-the-hash attacks to obtain elevated privileges.
A pass-the-hash attack is a technique in which the attacker captures the hash of the password instead of the password's characters and simply uses it to authenticate, without having to decrypt the hash and obtain the password in plain text.
Microsoft has already acknowledged the vulnerability, identified as CVE-2021-36934, and has described it as an elevation of privilege due to overly permissive Access Control Lists (ACLs) on multiple system files.
An attacker who successfully exploited this vulnerability could execute arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change or delete data; or create new accounts with full user rights.
It is important to note that the attacker needs to be able to execute code on the victim's system in order to exploit this vulnerability. Microsoft is in the process of investigating and so far they have found no evidence that the bug is being exploited.
Microsoft provides steps for a temporary workaround online with the advisory. They recommend restricting access to the contents of %windir%\system32\config and deleting shadow copies from the Volume Shadow Copy Service (VSS).
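A read-only audit for the condition the workaround addresses, as an added example that is not taken from Microsoft's advisory or from this article: it reports whether BUILTIN\Users holds an allow entry with read access on registry hive files under %windir%\system32\config and lists the shadow copies that exist. Checking the SAM, SYSTEM and SECURITY hives is an assumption about which of the "multiple system files" to inspect; run it from an elevated PowerShell session.

```powershell
# Added example, not from the advisory: read-only audit for CVE-2021-36934 exposure.
# It changes no ACLs and deletes nothing. Run from an elevated session.
$configDir = Join-Path $env:windir 'System32\config'
$hives     = 'SAM', 'SYSTEM', 'SECURITY'   # assumption: hives chosen for this check
$usersSid  = 'S-1-5-32-545'                # well-known SID of BUILTIN\Users (locale-independent)
$readBit   = [System.Security.AccessControl.FileSystemRights]::ReadData
$sidType   = [System.Security.Principal.SecurityIdentifier]

$aclReport = foreach ($name in $hives) {
    $path = Join-Path $configDir $name
    try {
        $acl   = Get-Acl -LiteralPath $path -ErrorAction Stop
        # Explicit and inherited entries, with identities returned as SIDs
        $rules = $acl.GetAccessRules($true, $true, $sidType)
        $hits  = @($rules | Where-Object {
            $_.IdentityReference.Value -eq $usersSid -and
            $_.AccessControlType -eq 'Allow' -and
            ($_.FileSystemRights -band $readBit)
        })
        [pscustomobject]@{
            Path         = $path
            UsersCanRead = $hits.Count -gt 0
            Inherited    = @($hits | Where-Object { $_.IsInherited }).Count -gt 0
            Rights       = ($hits.FileSystemRights -join '; ')
            Error        = $null
        }
    } catch {
        # An unreadable ACL is reported rather than silently treated as safe
        [pscustomobject]@{ Path = $path; UsersCanRead = $null; Inherited = $null
                           Rights = $null; Error = $_.Exception.Message }
    }
}
$aclReport | Format-Table -AutoSize

# Shadow copies that currently exist on the host; the workaround calls for deleting them.
$shadows = @(Get-CimInstance -ClassName Win32_ShadowCopy -ErrorAction SilentlyContinue |
    Select-Object ID, VolumeName, InstallDate)
$shadows | Format-Table -AutoSize

if (@($aclReport | Where-Object { $_.UsersCanRead }).Count -gt 0) {
    Write-Warning 'BUILTIN\Users can read at least one hive: apply the ACL workaround.'
}
if ($shadows.Count -gt 0) {
    Write-Warning "$($shadows.Count) shadow copy/copies present: review per the workaround."
}
```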
The company has also confirmed that this issue affects Windows 10 starting with version 1809. An official patch has not yet been released.
Via | BleepingComputer