Перейти к содержанию


Information security expert disappointed with Microsoft and published PoC code for vulnerability in Windows

В теме 1 сообщение

A cybersecurity researcher has posted an exploit for the local privilege escalation vulnerability (CVE-2021-41379) in Windows Installer, the exploitation of which gives administrator rights on systems running Windows 10, Windows 11 and Windows Server.
Using this vulnerability, attackers with limited access to a compromised device can easily elevate their privileges and gain the ability to roam the victim's network. The vulnerability affects all supported versions of Windows, including Windows 10, Windows 11, and Windows Server 2022.
As part of the November Tuesday patches, Microsoft has fixed a Windows Installer privilege escalation vulnerability. The vulnerability was discovered by cybersecurity researcher Abdelhamid Naseri, who discovered a bypass fix and a more powerful new privilege escalation vulnerability. Although Group Policy can be configured to prevent regular users from performing MSI installer operations, the new vulnerability bypasses this policy and will work anyway, Naseri said.
Naseri said he disclosed a vulnerability due to a decrease in payments from Microsoft under the Vulnerability Bounty Program. But Naseri is not alone in worrying about declining rewards. Other cybersecurity experts have also complained about Microsoft's new policy.

Поделиться сообщением

Ссылка на сообщение

Для публикации сообщений создайте учётную запись или авторизуйтесь

Вы должны быть пользователем, чтобы оставить комментарий

Создать учетную запись

Зарегистрируйте новую учётную запись в нашем сообществе. Это очень просто!

Регистрация нового пользователя


Уже есть аккаунт? Войти в систему.