The vulnerability in Microsoft Windows 10 finally has a fix that can bypass password hashes for offline decryption.
Microsoft Windows 10 pointed out an error when the company released a fix for a specific height error. And may enable attackers to access data or even create new accounts on the system.
According to ZDnet reports, Microsoft has just confirmed a fatal privilege escalation vulnerability named CVE202136934. It could allow an attacker to execute your code with specific system privileges. According to Microsoft, an attacker must execute code on a specific target system to exploit the vulnerability.
Due to the disclosed vulnerability details, the database applies to all different versions of Windows 10 and the previous Windows 10 1809. The SAM database is an important part of Windows 10. Because it is a special location where certain user accounts, domain information, and credentials are stored.
CVE202136934 Fix
A vulnerability in SAM allows attackers to extract hashed credentials to crack them offline. Microsoft pointed out in an article that due to excessive disclosure of the access control lists or ACLs of various system files (including the SAM database), there are now vulnerabilities in privilege escalation.
It is said that an attacker who can successfully exploit this particular vulnerability will be able to execute arbitrary code with SYSTEM privileges. According to reports, attackers can install programs, such as change, view, delete data, and even create new accounts and logs. It has been determined that the vulnerability was originally discovered by Jonas Leek over the weekend. The specific problem is now called SeriousSam.
Prevent Password Hashes
Lyk was able to find a snapshot of the SAM available to the attacker while further exploring the latest version of Microsoft’s Windows 11 preview. Windows 11 is played by technology enthusiasts. Imagine a Raspberry Pi compatible with Windows 11. The security company Blumira stated that CVE202136934 is a very serious bug.
The company noted in a blog post that the SYSTEM and SAM credential database files had been updated. It is to include read ACLs for all users running on certain versions of Windows. According to this article, this means that any authenticated user has the right to retrieve cached host credentials and use them to decrypt external strings according to the given environment and even pass in hashes range.
The official US-CERT coordinator stated that the vulnerability might affect infected Windows 10 computers in other ways. The new Windows 11 is just around the corner, but for those who are more familiar with Windows 10, you can at least reset the start menu.
Image courtesy of Tursk/YouTube