It seems like there’s a new local zero-day exploit that grants admin privileges on Windows almost every day, and today is no exception. A vulnerability was disclosed by a researcher that allows anyone with standard privileges to open a command prompt with system-level access.
Through that elevated command prompt, a threat actor with only a standard user account could gain far more access to the system than intended. The vulnerability affects systems running Windows 10, Windows 11, and Windows Server 2022.
The exploit was discovered by researcher Abdelhamid Naceri and published on GitHub. To verify the issue, BleepingComputer tested it on a Windows PC running Windows 10 21H1 build 19043.1348 and found that it “only took a few seconds to gain SYSTEM privileges from a test account with ‘Standard’ privileges.”
When asked by BleepingComputer why he chose to publicly disclose the vulnerability instead of reporting it to Microsoft’s bug bounty program, he cited massively decreased payouts for reporting issues. “Microsoft bounties has been trashed since April 2020, I really wouldn’t do that if MSFT didn’t take the decision to downgrade those bounties,” explained Naceri.
This is a local exploit: the attacker needs access to the machine itself, not just a network connection to it. However, as mentioned, elevating to SYSTEM takes only a few seconds, so they would not need that access for long. This is a problem you should be aware of, and you should install the patch as soon as Microsoft makes it available.