New Windows vulnerability that allows you to become an administrator is disclosed.

An exploit has been released for a Windows local privilege escalation vulnerability that allows anyone to gain administrator privileges in Windows 10.

CVE-2022-21882: Win32k Window Object Type Confusion
Information about 0-days exploited in-the-wild!

This vulnerability allows an attacker with access to a compromised device to easily elevate privileges, allowing them to spread laterally within the corporate network, create new administrative users, and execute privileged commands.

This vulnerability affects all supported versions of Windows 10 that have not received the January 2022 Patch Tuesday update.

Bypass of a previously patched vulnerability

As part of the January 2022 Patch Tuesday, Microsoft fixed the Win32k Elevation of Privilege Vulnerability, which is tracked as CVE-2022-21882. This vulnerability bypasses the earlier fix for CVE-2021-1732, a bug that was previously patched and is actively being exploited.

The vulnerability was discovered by RyeLv, who shared a technical analysis of the vulnerability after Microsoft released a patch.

Multiple exploits for CVE-2022-21882, which allows anyone to gain SYSTEM privileges, have since been released.

After the exploit was published, Will Dormann, a CERT/CC vulnerability analyst and Twitter’s resident exploit tester, confirmed that the exploit works and allows for elevated privileges.

An attacker can also use this exploit to add a new user with Administrator privileges and execute other privileged commands.

Normally we don’t report on patched vulnerabilities, but many administrators have chosen to skip the January 2022 update because it introduced a number of critical bugs, including reboots, L2TP VPN issues, inaccessible ReFS volumes, and Hyper-V issues when installing these updates.

This means that their devices are left unprotected and vulnerable to an exploit of a kind that has historically been used in cyber attacks by APT hacking groups.

With the release of the exploit and Microsoft’s release of an OOB update that addresses the issues introduced in the January 2022 update, enterprise system administrators are strongly encouraged to install the update rather than wait until Patch Tuesday, February 8.

The OOB update is now available.

It was actually a bug discovered 2 years ago

This same vulnerability was discovered two years ago by Gil Dabah, an Israeli security researcher and CEO of Piiano, but Dabah decided not to disclose the bug because of Microsoft’s reduced bug bounty.

Dabah is not alone in his frustration with Microsoft’s dwindling bug bounties.

In November, security researcher Abdelhamid Naceri released a zero-day privilege escalation exploit, citing the decline in Microsoft’s bug bounty program payouts as the reason.

Microsoft’s bounty has been trashed since April 2020, and if MSFT hadn’t made the decision to downgrade its bounty, I wouldn’t have published it

In his technical article on the CVE-2022-21882 vulnerability, RyeLv points out that the best way to eliminate this bug class is to improve Microsoft’s bug bounty for the Windows kernel.

Improve the kernel 0day bounty and get more security researchers to join the bounty program and help us make the system more perfect
