Windows zero-day makes you an admin

@ 2021/11/24
Its a good to be the King.

A security researcher has publicly disclosed an exploit for a new Windows zero-day local privilege elevation vulnerability that turns a hacker into an admin.

The exploit works in Windows 10, Windows 11, and Windows Server and was supposed to have been fixed in the November 2021 Patch Tuesday.

Vole’s 'Windows Installer Elevation of Privilege Vulnerability' vulnerability is tracked as CVE-2021-41379 and was spotted by security researcher Abdelhamid Naceri.

But Naceri found a bypass to the patch and a more powerful new zero-day privilege elevation vulnerability after examining Microsoft's fix. He published a working proof-of-concept exploit for the new zero-day on GitHub, explaining that it works on all supported versions of Windows.

No comments available.