Someone has discovered a major vulnerability that affects all Windows operating systems, including the new Windows 11.
Although the only thing that the user can use is common sense and update the Windows operating system with the latest security patches to bet on maximum security, sometimes cybercriminals find different ways to access our system and even escalate to permissions of administrator.
And although Microsoft is working with each of the security patches to avoid any type of unwanted access to our computers, sometimes they do not do it completely well. However, it has been discovered a new zero-day vulnerability in WindowsMost worryingly, it affects all versions of Windows, including Windows 10 and Windows 11.
Jason schultz, Technical Lead for Talos Security Intelligence & Research Group, has shared details of the vulnerability that is curiously not new, because it was apparently patched earlier this month under a security update.
At that time, the vulnerability was classified as medium degree and allowed a user with a limited account to escalate their privileges to administrator and delete specific files on a system.
However, the patch released by Microsoft was not enough to resolve this vulnerability and the security researcher Abdelhamid Naceri, who initially worked with Microsoft to solve it, has discovered that this patch has not achieved its objective and it seems that now things have gotten complicated.
However, Abdelhamid Naceri himself posted a proof-of-concept exploit code on Github on November 22nd that works despite the fixes implemented by Microsoft in the latest patch.
This code takes advantage of the discretionary access control list (DACL) for Microsoft Edge Elevation Service to replace any executable file on the system with an MSI file, allowing an attacker to run code as an administrator.
At the time of this writing, there is no patch to correct this vulnerability and it is quite likely that cybercriminals will start exploiting it within the next few hours. The only thing you can do right now is wait for Microsoft to release a new security patch in the next few hours due to the complexity of this vulnerability.
This type of event makes us see that even by installing the latest security patches we can be exposed to any type of attack on our computers, so it is always convenient to make a backup copy of all our files.