New Windows 10 vulnerability allows anyone to get admin privileges

The Windows exploits seem to be rolling out this July!

Yesterday a new Windows Elevation of Privilege Vulnerability was shown to the public 🙁

CVE-2021-36934 – Security Update Guide – Microsoft – Windows Elevation of Privilege Vulnerability

New Windows 10 vulnerability allows anyone to get admin privileges (bleepingcomputer.com)


Workarounds

Restrict access to the contents of %windir%\system32\config

  1. Open Command Prompt or Windows PowerShell as an administrator.
  2. Run this command: icacls %windir%\system32\config\*.* /inheritance:e

Delete Volume Shadow Copy Service (VSS) shadow copies

  1. Delete any System Restore points and Shadow volumes that existed prior to restricting access to %windir%\system32\config.
  2. Create a new System Restore point (if desired).

Impact of workaround: Deleting shadow copies could impact restore operations, including the ability to restore data with third-party backup applications.

Note: You must restrict access and delete shadow copies to prevent exploitation of this vulnerability.
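
To confirm that both workaround steps took effect, the following read-only PowerShell check can be run from an elevated prompt. It is an added example, not part of the original post or of Microsoft's guidance. It assumes the overly permissive access shows up as an Allow entry for BUILTIN\Users (well-known SID S-1-5-32-545) on the SAM, SYSTEM and SECURITY hive files; the function name and the $aclFixedAt variable are hypothetical.

```powershell
# Added example: read-only verification of both workaround steps. Run elevated.
$configDir  = Join-Path $env:windir 'System32\config'
$hives      = 'SAM', 'SYSTEM', 'SECURITY'
$usersSid   = 'S-1-5-32-545'   # well-known SID of BUILTIN\Users (locale independent)
$aclFixedAt = Get-Date         # assumption: set this to the time you ran the icacls command
$readData   = [int][System.Security.AccessControl.FileSystemRights]::ReadData

# Hypothetical helper: $true if BUILTIN\Users has an Allow ACE with read-data access.
function Test-HiveReadableByUsers {
    param([string]$Path)
    $acl   = Get-Acl -LiteralPath $Path
    # Resolve ACEs to SIDs (explicit and inherited) instead of localized account names.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($rule in $rules) {
        if ($rule.IdentityReference.Value -eq $usersSid -and
            $rule.AccessControlType -eq 'Allow' -and
            (([int]$rule.FileSystemRights -band $readData) -ne 0)) {
            return $true
        }
    }
    return $false
}

# Step 1: are the hive files still readable by standard users?
$hiveReport = foreach ($name in $hives) {
    $path = Join-Path $configDir $name
    [pscustomobject]@{
        Hive            = $path
        ReadableByUsers = Test-HiveReadableByUsers -Path $path
    }
}
$hiveReport | Format-Table -AutoSize

# Step 2: do shadow copies created before the ACL change still exist?
$stale = @(Get-CimInstance -ClassName Win32_ShadowCopy |
    Where-Object { $_.InstallDate -lt $aclFixedAt } |
    Select-Object ID, VolumeName, InstallDate)
$stale | Format-Table -AutoSize

if (($hiveReport.ReadableByUsers -contains $true) -or ($stale.Count -gt 0)) {
    Write-Warning 'Workaround incomplete: hive ACLs still permissive or older shadow copies remain.'
} else {
    Write-Output 'Hive ACLs restricted and no shadow copies predate the change.'
}
```

The script changes nothing on the system; any shadow copies it lists still have to be deleted as described in the workaround.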


New installs of 20H2 seem not to be affected, but systems upgraded to 20H2 from an earlier version have the flaw!

So hackers need to have physical or remote access to the computer somehow to get this exploit going. Whether to wait for a patch or apply the workaround is for each one to decide 🙂
