Two New Vulnerabilities Found In Windows and Linux

Share post:

Two new vulnerabilities- one in Windows and the other in Linux – have been discovered recently, and these vulnerabilities allow hackers to bypass a vulnerable system and access sensitive resources.

One vulnerability allows the hacker access to low privileged OS resources where code can be executed or sensitive data can be read; a second vulnerability increases the execution of code or file access to OS resources reserved for password storage or other sensitive operations.

The researcher found that the contents of the security account manager- the database that stores user accounts and security descriptors for users on the local computer- could be read by users even if they had limited system privileges.

This made it possible to obtain cryptographically protected password data, find the password that installed Windows, obtain the computer keys for the Windows data protection API- which can be used to decrypt private encryption keys–and create an account on the affected machine.

The result is that the local user ends up with privileges up to the system, the highest level in Windows.

A Microsoft representative said that company officials would investigate the vulnerability and take appropriate action as needed, which is being tracked as CVE-2021-36934.

The exploit described comes with significant overhead, particularly around 1 million nested directories.

The attack also requires about 5GB of storage and 1 million inodes. Despite these complications, a Qualys representative described the PoC as “extremely reliable” and said it only takes about three minutes.

Linux users should check with the distributor if patches are available to fix the vulnerability. Windows users should wait for advisories from Microsoft and security experts.

For more information, read the original story in Arstechnica.

Featured Tech Jobs


Related articles

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Abuse of valid accounts by threat actors hits a high, says IBM

Attackers are finding that obtaining valid credentials is an easier route to achieving their goals, s

Cyber Security Today, Feb. 21, 2024 – A patch warning from ConnectWise, the latest ransomware news, and more

This episode reports on a report comparing business email compromise attacks against ransomware

UK leads takedown of LockBit ransomware gang’s website

The LockBit ransomware gang’s website has been seized, several news agencies reported late Monday. The Reuters news agency and The Register are carrying stories based on a new splash screen that has appeared on the gang’s website. It says, “This site is now under the control of the National Crime Agency of the UK, working

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways