0patch released free unofficial patches for Windows local privilege escalation zero-day (CVE-2021-24084) in Windows 10, version 1809 and later. The issue doesn’t impact Windows Servers because the vulnerable functionality in not implemented in these OSs.
The issue resides in the “Access work or school” settings of the Mobile Device Management Service. The vulnerability, discovered by the security researcher Abdelhamid Naceri, can be exploited to bypass a patch released by Microsoft in February to address another information disclosure flaw (CVE-2021-24084) reported by the same expert.
Naceri reported this month that the vulnerability has yet to be addressed and can be exploited to escalate privileges.
“Namely, as HiveNightmare/SeriousSAM has taught us, an arbitrary file disclosure can* be upgraded to local privilege escalation if you know which files to take and what to do with them. We confirmed this by using the procedure described in this blog post by Raj Chandel in conjunction with Abdelhamid’s bug – and being able to run code as local administrator.” wrote 0patch co-founder Mitja Kolsek. “Two conditions need to be met in order for the local privilege escalation to work:
0patch released unofficial patches for:
0patch will provide free micropatches for this vulnerability until Microsoft has issued an official patch. Users that want to install the micropatches can create a free account in 0patch Central, then install 0patch Agent from 0patch.com. The company pointed out that no computer reboots will be needed.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Windows)
[adrotate banner=”5″]
[adrotate banner=”13″]
Google addressed a Chrome's Password Manager bug that caused user credentials to disappear temporarily for…
The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS…
Terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks.…
Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report…
A critical flaw in some versions of Docker Engine can be exploited to bypass authorization…
The CVE-2024-21412 flaw in the Microsoft Defender SmartScreen has been exploited to deliver information stealers…
This website uses cookies.