0patch releases unofficial patches for CVE-2021-24084 Windows 10 zero-day

0patch released free unofficial patches for Windows local privilege escalation zero-day (CVE-2021-24084) in Windows 10, version 1809 and later.

0patch released free unofficial patches for Windows local privilege escalation zero-day (CVE-2021-24084) in Windows 10, version 1809 and later. The issue doesn’t impact Windows Servers because the vulnerable functionality in not implemented in these OSs.

The issue resides in the  “Access work or school” settings of the Mobile Device Management Service. The vulnerability, discovered by the security researcher Abdelhamid Naceri, can be exploited to bypass a patch released by Microsoft in February to address another information disclosure flaw (CVE-2021-24084) reported by the same expert.

Naceri reported this month that the vulnerability has yet to be addressed and can be exploited to escalate privileges.

“Namely, as HiveNightmare/SeriousSAM has taught us, an arbitrary file disclosure can* be upgraded to local privilege escalation if you know which files to take and what to do with them. We confirmed this by using the procedure described in this blog post by Raj Chandel in conjunction with Abdelhamid’s bug – and being able to run code as local administrator.” wrote 0patch co-founder Mitja Kolsek. “Two conditions need to be met in order for the local privilege escalation to work:

1. System protection must be enabled on drive C, and at least one restore point created. Whether system protection is enabled or disabled by default depends on various parameters.
2. At least one local administrator account must be enabled on the computer, or at least one “Administrators” group member’s credentials cached.”

0patch released unofficial patches for:

1. Windows 10 v21H1 (32 & 64 bit) updated with November 2021 Updates
2. Windows 10 v20H2 (32 & 64 bit)updated with November 2021 Updates
3. Windows 10 v2004 (32 & 64 bit)updated with November 2021 Updates
4. Windows 10 v1909 (32 & 64 bit)updated with November 2021 Updates
5. Windows 10 v1903 (32 & 64 bit)updated with November 2021 Updates
6. Windows 10 v1809 (32 & 64 bit)updated with May 2021 Updates

0patch will provide free micropatches for this vulnerability until Microsoft has issued an official patch. Users that want to install the micropatches can create a free account in 0patch Central, then install 0patch Agent from 0patch.com. The company pointed out that no computer reboots will be needed.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Windows)

[adrotate banner=”5″]

[adrotate banner=”13″]