Windows

Windows Vulnerability Let Hackers Become Admin

After patch day, there’s a misery that’s been seen before: either you install the updates and may be living with issues that make working on the PC nearly impossible, or you’ll skip the patch and risk getting hacked. That is the conclusion after the last patch day and the release of an exploit for a vulnerability that Microsoft closed with the January updates.

According to that Report by beeping computer The bottom line is this, especially for administrators who manage multiple computers: you either have the assurance of being protected from a critical vulnerability, or you run the equally real risk of your PCs becoming useless, as there are some massive bugs in the update. . After the January patch, reports of sudden reboots, L2TP VPN issues, inaccessible ReFS volumes, and Hyper-V issues have been reported. Due to a significant number of critical bugs, many administrators have decided to skip the January 2022 updates.

Increase of permissions

This is not uncommon, but it is dangerous – security-relevant changes are introduced on the day of the patch and the risk that cybercriminals will exploit them increases as vulnerabilities become known. This month is particularly sensitive because a security researcher published an exploit for a local elevation of privilege vulnerability in Windows that could allow anyone to gain administrative privileges in Windows 10.

This vulnerability allows threat actors with limited access to a compromised device to increase their privileges. to propagate over the network, create new administrators with administrative privileges, or execute privileged commands. The vulnerability affects all versions of Windows 10. The vulnerability is old. Microsoft fixed the Win32k Elevation of Privilege Vulnerability vulnerability, called CVE-2022-21882, in January. This is a workaround of the previously patched and actively exploited bug CVE-2021-1732, a vulnerability that was fixed in the previous year.

Several exploits for CVE-2022-21882 were released this week that allow anyone to gain system privileges on vulnerable Windows 10 devices. According to Bleeping Computer, this is complicated by the fact that it is the same vulnerability that was discovered two years ago by Israeli security researcher and CEO of Piiano, Gil Dabah. According to the report, he decided not to publish the bug due to Microsoft’s reduced bug bounty premiums.