The new exploit takes advantage of local privileges and grants administrators access to Windows 10, Windows 11 and Windows Server versions. Once access is granted to a Standard user account,it has the potential of elevating to SYSTEM user privileges and making further movements within the network. The vulnerability was apparently discovered in the October 2021 Patch Tuesday and fixed in the November 2021 Patch Tuesday. There was a bypass that discovered a more powerful privilege vulnerability and took advantage of the situation.

Proof of Concept

Trend Micros’s Abdelhamid Naceri published a working proof-of-concept (PoC) exploit for the new zero-day and says it functions on all supported versions of Windows. According to Naceri, the PoC is “extremely reliable.” He has put it under test in varied conditions and different Windows variants which were successful on each attempt. He further explains that the PoC even works in Windows server installation. This is rare because it does not allow standard users to perform MSI installer operations. What do you make of this new exploit? Share your thoughts in the comment section.

Name * Email * Commenting as . Not you? Save information for future comments
Comment

Δ