A new zero-day vulnerability in Windows 10, Windows 11 and Windows Server allows local privilege escalation to administrator-level (SYSTEM) rights. A working exploit has already been published online; with it, an attacker who has already compromised a machine but only holds a limited account can gain full control of the device. The vulnerability affects all currently supported Windows versions.
As part of the November 2021 Patch Tuesday, Microsoft patched a Windows Installer privilege escalation vulnerability tracked as CVE-2021-41379. It was reported by security researcher Abdelhamid Naceri, who, after examining Microsoft's fix, found a bypass for it as well as a new, more powerful zero-day privilege escalation vulnerability. Naceri published a working proof-of-concept exploit for the new bug on GitHub yesterday and says it works on every supported version of Windows.
Naceri also notes that although Group Policy can be configured to prevent standard users from running Windows Installer (MSI) operations, the new vulnerability bypasses that policy and works regardless. BleepingComputer tested the InstallerFileTakeOver exploit and found that it took only a few seconds to obtain SYSTEM-level privileges from a test account with standard user rights. The test was run on Windows 10 21H1, build 19043.1348.
Naceri said he disclosed the zero-day publicly out of frustration with the shrinking payouts of Microsoft's bug bounty program. Microsoft has not commented on the situation. The fix will most likely ship with the next Patch Tuesday update.
Microsoft will continue to update Windows 10 once a year
Microsoft has begun rolling out the Windows 10 November 2021 Update (21H2). At the same time, the company announced that from now on the platform will receive major feature updates once a year, the same cadence Windows 11 follows. The next major update for Windows 10 will therefore arrive only in the second half of 2022, rather than in May or June as before.
“We are moving to a new Windows 10 update schedule to keep up with the pace of Windows 11, which focuses on getting functional updates every year. The next Windows 10 feature update will launch in the second half of 2022. We will continue to support at least one version of Windows 10 until October 14, 2025,” Microsoft said in a statement.
Although Microsoft's main plans revolve around Windows 11, the company will keep shipping feature updates for the previous version of the platform for a long time to come. Moving to an annual feature update is good news for enterprise customers, who have to test each package Microsoft releases for compatibility with their hardware and software before deploying it to user devices. The change also gives significantly more time to test updates in the Insider Program, letting Microsoft fix as many bugs as possible before an update reaches the general public.