All Windows Versions Impacted by LPE Zero-day Vulnerability

Share post:

A Windows zero-day privilege elevation vulnerability was recently uncovered after proof-of-concept (PoC) was released by security researcher Abdelhamid Naceri.

This unpatched vulnerability affects all versions of Windows including Windows 10, 11, and Windows Server 2022.

While the vulnerability may allow users to gain SYSTEM privileges under certain conditions, it however requires a threat actor to know another user’s username and password in a bid to trigger the vulnerability.

Microsoft originally released an update for a “Windows User Profile Service Elevation of Privilege Vulnerability” in August to fix the vulnerability discovered by Naceri as CVE-2021-34484. However, this was not enough, as Naceri discovered that he could work around it with a new exploit that could cause an elevated command prompt to be started with SYSTEM privileges while displaying the User Account Control (UAC) prompt for user accounts.

<span class=”s1″> </span>Naceri clarified, “Technically, in the previous report CVE-2021-34484. I described a bug where you can abuse the user profile service to create a second junction. But as I see from ZDI advisory and Microsoft patch, the bug was metered as an arbitrary directory deletion bug. Microsoft didn’t patch what was provided in the report but the impact of the PoC. Since the PoC I wrote before was horrible, it could only reproduce a directory deletion bug.”

For more information, read the original story in Bleeping Computer.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, Week in Review for week ending Friday, March 1, 2024

This episode features a discussion on how hard it is to kill a ransomware gang, Canada's proposed new online harms bill, why organizations still allow staff to use vulnerable software

Healthcare sector “stretched thin” in fight against cyber attacks warns CSO of Health-ISAC

In an interview Errol Weiss talks about the challenges facing hospitals a

Cyber Security Today, March 1, 2024 – Warnings to GitHub users and Ivanti gateway administrators, and more

This episode reports on a recommendation that enterprises drop Ivanti Policy Secure and Connect Secure devices because threat actors can get around mitigations for recent vulne

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways