Windows flaw with new public exploits lets you become admin



Short News:- 

A security researcher has publicly disclosed an exploit for a Windows local privilege elevation vulnerability. CVE-2022-21882 allows anyone to gain administrator privileges in Windows 10. The issue affects all supported versions of Windows 10 prior to the January 2022 Patch Tuesday updates. This vulnerability was discovered two years ago by Gil Dabah, an Israeli security researcher. He chose not to disclose it due to Microsoft's reduced bug bounty payouts. Administrators are strongly advised to install the updates immediately rather than waiting for the February 8th Patch Tuesday.




Detailed News:-

A security researcher has publicly disclosed an exploit for a Windows local privilege elevation vulnerability that allows anyone to gain administrator privileges in Windows 10.


Using this vulnerability, threat actors with limited access to a compromised device can easily elevate their privileges to help them spread within the network, create new administrative users, or execute privileged commands.


The issue affects all supported versions of Windows 10 prior to the January 2022 Patch Tuesday updates.


A researcher publishes a bypass for a patched vulnerability.

Microsoft patched a 'Win32k Elevation of Privilege Vulnerability' identified as CVE-2022-21882, which is a bypass for the previously patched and actively exploited CVE-2021-1732 bug.



Microsoft credits RyeLv with discovering this vulnerability, and RyeLv shared a technical analysis of it following Microsoft's patch release.



Multiple exploits for CVE-2022-21882 were publicly released this week, allowing anyone to gain SYSTEM privileges on vulnerable Windows 10 devices.


Following the exploit's release, Will Dormann, a vulnerability analyst for CERT/CC and Twitter's resident exploit tester, confirmed that it works and grants elevated privileges.


BC also tested the vulnerability and had no difficulty compiling and using the exploit to open Notepad with SYSTEM privileges on Windows 10, as demonstrated below. BC was unable to replicate the exploit on Windows 11.




While we used this exploit to open Notepad, threat actors could also use it to add new Administrator users or execute other privileged commands.


While we would not normally report on a patched vulnerability, many administrators chose to forego the January 2022 updates due to the large number of critical bugs introduced by these updates, including reboots, L2TP VPN issues, inaccessible ReFS volumes, and Hyper-V issues.


This means that their devices remain unprotected and vulnerable to an exploit that APT hacking groups have historically used in cyberattacks.


With the release of these exploits and Microsoft's OOB updates resolving the issues introduced in the January 2022 updates, administrators are strongly advised to install the updates immediately rather than waiting for the February 8th Patch Tuesday.


Two years ago, a bug was discovered

This same vulnerability was discovered two years ago by Gil Dabah, an Israeli security researcher and Piiano CEO, who chose not to disclose it due to Microsoft's reduced bug bounty payouts.


Dabah is not alone in his disappointment with Microsoft's dwindling bug bounty payouts.


In November, security researcher Abdelhamid Naceri published a zero-day privilege elevation exploit in response to Microsoft's bug bounty program's decreasing payouts.


"Since April 2020, Microsoft bounties have been trashed; I really wouldn't do that if MSFT hadn't decided to downgrade those bounties," Naceri told BleepingComputer at the time.


RyeLv stated in his technical writeup for the CVE-2022-21882 vulnerability that the most effective way to eradicate this bug class is for Microsoft to improve its Windows kernel bug bounties.


"Improve the kernel zero-day bounty program, allow more security researchers to participate, and help the system become more perfect," RyeLv advised.
