A vulnerability in operational systems Windows 10 and Windows 11 is leaving admin passwords exposed to local users. This can allow other profiles to escalate their permissions and gain admin privileges. In practice, this gives full access to the system for all users of the same computer.
According to a user of Twitter identified as Jonas Lyk, Windows Security Account Manager (SAM) data can be accessed by users with very limited privileges. It appears that Microsoft realized and recognized the vulnerability, and published an executive summary in its Security Vulnerabilities page.
yarh- for some reason on win11 the SAM file is now READ for users.
So if you have shadowvolumes enabled you can read the sam file like this:
I dont know the full extent of the issue yet, but its too many to not be a problem I think. pic.twitter.com/kl8gQ1FjFt
- Jonas L (@jonasLyk) July 19th, 2021
According to Microsoft, this new vulnerability is a result of inadequate protection of access control lists on various system files, including the SAM database. The company further notes that an unauthorized person could use the flaw to run code and add, change or delete user data.
Microsoft concludes the document by noting that unauthorized users must have the technical ability to run code on Windows 10 and 11 systems in order to effectively take advantage of the vulnerability. Microsoft is expected to release new updates on the flaw soon, but there is no date yet. an atualization correct it.
Other Twitter users noted that the flaw only exists for systems running Windows 1809 build 10 and some versions of Windows 11. These other users also noted that in addition to allowing access to SAM data, the vulnerability also allows access to certain system and security files.
- Brazil needs a non-espionage agreement on 5G technology
- Find out if your iPhone has been infected with the NSO Pegasus virus
- Priest resigns after having cell hacked and leaked intimate data
In order to take advantage of the vulnerability, the system must have a VSS copy of the system drive. This copy may exist as a result of inadvertent actions such as installing a hard drive larger than 128GB followed by a Windows upgrade.
With information Tech Xplore
Have you watched our new videos on YouTube? Subscribe to our channel!