A very serious security vulnerability that was discovered over the weekend and affects all Windows 10 and 11 operating systems is already being exploited and is putting many users at risk. This is undoubtedly a great danger as this vulnerability can lead to a person becoming the administrator of our machine. That means access to everything we have and more!
Windows 10 and Windows 11 have another fatal bug!
It is not yet the most dangerous campaigns that are active. This is because the threats found are currently exploring the best way to exploit this flaw and infect systems. Only then will large-scale attacks begin. This is a very common practice for those developing malware. Always look for the best way to make attacks more effective.
Either way, the vulnerability is an Elevation of Privilege bug that, oddly enough, exploits a fix introduced by Microsoft in the November Tuesday Patch. In other words, instead of putting locks on the door, she opened a small hole.
All versions are affected, and if the attacker gets what he wants, he becomes the administrator on a machine with Windows 10, 11 and Server 2022. This also applies if the person has made all the updates.
The BleepingComputer site tested this and managed to open a command line with administrative privileges from a low-privileged account.
However, there is a reason for so many security vulnerabilities to be publicly disclosed. It’s just that Microsoft has apparently reduced the rewards for those who discover them. Therefore, in many cases, most investigators prefer to divulge them or sell them to whoever pays the most, even if done for malicious purposes.
The fix comes next patch Tuesday.