Unofficial patches released for Windows 10 LPE bug

CSH
CYBERSECURITY HELP
Sign In REGISTER
 

Unofficial patches released for Windows 10 LPE bug

The 0patch micropatching service has released free, unofficial patches for Windows local privilege escalation vulnerability (CVE-2021-24084) affecting Windows 10, version 1809 and later.

The issue resides in the “Access work or school” settings of the Mobile Device Management Service and, according to security researcher Abdelhamid Naceri, can be exploited to bypass a patch for CVE-2021-24084 released by Microsoft in February, 2021.

CVE-2021-24084 is an information disclosure flaw, which exists due to excessive data output by the application in Windows Mobile Device Management. A local user can gain unauthorized access to sensitive information on the system.

As Naceri noted this month, the incompletely patched vulnerability could be used to gain admin privileges. Although it has been six month since Naceri’s June disclosure, Microsoft has yet to address the issue.

"Namely, as HiveNightmare/SeriousSAM has taught us, an arbitrary file disclosure can be upgraded to local privilege escalation if you know which files to take and what to do with them. We confirmed this by using the procedure described in this blog post by Raj Chandel in conjunction with Abdelhamid's bug - and being able to run code as local administrator," 0patch co-founder Mitja Kolsek said.

According to Kolsek, two conditions need to be met in order for the local privilege escalation to work:

  • System protection must be enabled on drive C, and at least one restore point created. Whether system protection is enabled or disabled by default depends on various parameters.

  • At least one local administrator account must be enabled on the computer, or at least one "Administrators" group member's credentials cached.

0patch has released patches for the following Windows 10 versions:

  • Windows 10 v21H1 (32 & 64 bit) updated with November 2021 Updates

  • Windows 10 v20H2 (32 & 64 bit) updated with November 2021 Updates

  • Windows 10 v2004 (32 & 64 bit) updated with November 2021 Updates

  • Windows 10 v1909 (32 & 64 bit) updated with November 2021 Updates

  • Windows 10 v1903 (32 & 64 bit) updated with November 2021 Updates

  • Windows 10 v1809 (32 & 64 bit) updated with May 2021 Updates

Back to the list