Windows 10 error grants administrator privileges to anyone

On Wednesday morning (21), Microsoft released a temporary fix for the elevation-of-privilege vulnerability called HiveNightmare. A hive is a logical set of keys, subkeys, and values in the registry. According to the company, the bug makes ACLs “overly permissive on many system files,” giving any user of the PC access to administrative system information.

The flaw was recently discovered by Twitter user “Jonas L”, who noticed that the Windows Security Account Manager (SAM) database, containing all important passwords and keys, was open to non-admins. For that reason, the vulnerability is also called SeriousSAM, because it gives access to the SAM, SYSTEM, and SECURITY hive files.

Analysts at the Microsoft Security Response Center (MSRC) explain that, by exploiting this vulnerability, an intruder could in theory run arbitrary code with SYSTEM privileges. This would “open the door” to installing, viewing, changing, and deleting programs, and even creating new accounts with full rights.

How to mitigate HiveNightmare?

Microsoft has registered the flaw as a Common Vulnerabilities and Exposures (CVE) entry and assigned it the identifier CVE-2021-36934. Until a final fix is available, the approved solution is a workaround (a stopgap) for immediate adoption.

The workaround procedure is as follows:

  • Restrict access to the contents of %windir%\system32\config

Open Command Prompt or Windows PowerShell as an administrator.

– Run this command: icacls %windir%\system32\config\*.* /inheritance:e

  • Delete Volume Shadow Copy Service (VSS) shadow copies

Delete all system restore points and shadow volumes that existed before you restricted access to %windir%\system32\config.

Create a new system restore point (if needed).

The vulnerability occurs on most computers with operating system drives larger than 128 GB, which create VSS shadow copies. To delete these VSS shadow copies, Microsoft has published a command on its official page.
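
One way to check that the workaround took effect, as an added example (not from the original article or from Microsoft): the PowerShell script below reports any allow entry on the SAM, SYSTEM, and SECURITY hives that gives a non-administrative group read access, then lists existing shadow copies with their creation times. The helper name Test-HiveAcl and the choice of group SIDs are assumptions made for this example.

```powershell
# Added example: audit the HiveNightmare workaround on the local machine.
# Run from an elevated PowerShell prompt.

$configDir = Join-Path $env:windir 'System32\config'
$hives     = 'SAM', 'SYSTEM', 'SECURITY'

# Assumption: these well-known SIDs stand for non-admin principals:
# BUILTIN\Users, Authenticated Users, Everyone.
$nonAdminSids = 'S-1-5-32-545', 'S-1-5-11', 'S-1-1-0'
$readData     = [System.Security.AccessControl.FileSystemRights]::ReadData
$sidType      = [System.Security.Principal.SecurityIdentifier]

# Hypothetical helper: emit every allow ACE that lets a non-admin SID read the file.
function Test-HiveAcl {
    param([Parameter(Mandatory)][string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    # Include explicit and inherited entries, with identities returned as SIDs.
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        $isAllow    = $ace.AccessControlType -eq 'Allow'
        $isNonAdmin = $nonAdminSids -contains $ace.IdentityReference.Value
        $canRead    = $ace.FileSystemRights.HasFlag($readData)
        if ($isAllow -and $isNonAdmin -and $canRead) {
            [pscustomobject]@{
                Hive      = Split-Path $Path -Leaf
                Sid       = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

$findings = foreach ($h in $hives) { Test-HiveAcl -Path (Join-Path $configDir $h) }
if ($findings) {
    Write-Warning 'Hive files are still readable by non-administrators:'
    $findings | Format-Table -AutoSize
} else {
    'Hive ACLs: no read access for Users, Authenticated Users or Everyone.'
}

# The workaround says to delete shadow copies that predate the ACL change,
# so list what exists, oldest first, for comparison with the time of the fix.
$shadows = Get-CimInstance -ClassName Win32_ShadowCopy
if ($shadows) {
    $shadows | Sort-Object InstallDate |
        Select-Object ID, InstallDate, VolumeName, DeviceObject | Format-Table -AutoSize
} else {
    'No shadow copies present.'
}
```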


About the Author: Osmond Blake
