Despite Microsoft’s efforts to make its operating system a secure environment, the truth is that threats appear almost periodically which put the development of the American company in check. And that’s what an investigator discovered when he revealed an exploit that obtained administrator permissions.

A new security vulnerability that can make it easier for an attacker to gain administrator privileges and affects both Windows 10 and Windows 11 and Windows Server 2022. A zero-day vulnerability that leaves a computer fully exposed.

No solution for the moment

Exploit discovered. Image Github

This is a security flaw discovered by researcher Abdelhamid Naceri, who discovered a zero-day elevation of privilege vulnerability that successfully overcome the patch released by Microsoft on Patch Tuesday released in November under the CVE issue. -2021-41379.

The vulnerability affects all supported versions of Windows, including Windows 10, Windows 11, and Windows Server 2022, and patch CVE-2021-41379 did not address it. If an attacker takes advantage, he can gain privileged administrator access to a computer.

In fact, from BleepingComputer, they claim to have tested the operation of the exploit (InstallerFileTakeOver) and to have successfully opened the command prompt with administrator privileges from an account with standard privileges on a computer with Build Windows 10 21H1 19043.1348.

To show how it works, Abdelhamid Naceri posted details of how the exploit works on GitHub, explaining that it works on all supported versions of Windows. Incidentally, he explains that although group policies can be configured to prevent unprivileged users from performing operations with MSI files, this exploit makes this measure unnecessary.

Abdelhamid Naceri’s reason is due to the frustration over Microsoft’s drop in payments on the bug bounty program.

Microsoft is expected to address this zero-day vulnerability in an upcoming Patch Tuesday update. For now, the discoverer warns that it is not recommended to attempt to patch the vulnerability by patching the binary, as this may break the installer.

Via | Beeping computer
More information | GitHub