Windows 11 malware is officially here, but don't worry just yet

Cybersecurity researchers have shared a proof-of-concept (PoC) exploit for what they claim to be an unpatched zero-day elevation of privilege vulnerability that affects all versions of Windows, including the newly released Windows 11. Successfully exploiting the bug allows attackers to gain SYSTEM privileges on the targeted Windows computer. The only silver lining is that the exploit requires the threat actor to know the credentials of a genuine user on the target machine. Because of this requirement, security researchers told BleepingComputer that the vulnerability would not be as widely exploited as other privilege escalation vulnerabilities, such as PrintNightmare, which has proven particularly difficult for Microsoft to patch.

Uneven patch

Security researcher Abdelhamid Naceri, who discovered the vulnerability and wrote the PoC, claims it exists because Microsoft failed to properly patch a previously reported vulnerability, tracked as CVE-2021-34484. Naceri claims that Microsoft only fixed the symptom of that earlier vulnerability, not its root cause. In a technical article, he claims that his PoC for the earlier vulnerability manifested as an arbitrary directory deletion bug. “Microsoft did not correct what was provided in the report, but rather the impact of the PoC. Since the PoC I wrote earlier was terrible, it could only reproduce a directory deletion error,” says Naceri.

After reviewing the patch, Naceri found that it was not enough and that he could still exploit the underlying vulnerability and elevate privileges. Microsoft has yet to publicly acknowledge the vulnerability or comment on Naceri's claims. However, independent security researchers tested Naceri's PoC and found that it works as expected.