Two new vulnerabilities, one in Windows and the other in Linux, were discovered on Tuesday, allowing hackers with a presence in a vulnerable machine to circumvent OS security limits and access critical resources. Microsoft's Windows 10 and upcoming Windows 11 versions have been discovered to be vulnerable to a new local privilege escalation vulnerability that allows users with low-level permissions to access Windows system files, permitting them to decrypt private keys and uncover the operating system installation password. The vulnerability has been named "SeriousSAM".CERT Coordination Center (CERT/CC) stated in a vulnerability note published, "Starting with Windows 10 build 1809, non-administrative users are granted access to SAM, SYSTEM, and SECURITY registry hive files. This can allow for local privilege escalation (LPE)." The operating system configuration files in question are as follows - c:WindowsSystem32configsam c:WindowsSystem32configsystem c:WindowsSystem32configsecurity Microsoft acknowledged the vulnerability, which has been assigned the number CVE-2021-36934 but is yet to offer a patch or provide a timeframe for when a fix will be released. The Windows makers explained, "An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.” However, successful exploitation of the issue implies that the attacker has already gained a foothold and has the capacity to execute code on the target machine. In the meanwhile, users should restrict entry to sam, system, and security files and erase VSS shadow copies of the system disc ..
Support the originator by clicking the read the rest link below.
