Monday, April 13, 2026

Update on the Bluehammer exploit

Steven emails in to ask if this is real.

1. Yes, this is a real vulnerability.

2. It impacts all Windows 10 and 11 systems.

3. There is still no patch from Microsoft (i.e. a true zero-day exploit).

4. A successful exploit results in exceptionally bad things happening (access to the SAM database, password hashes, and Administrator privileges).

5. The exploit code has been posted to GitHub. This is Biblically bad - fire and brimstone, etc.

The only good news (and it is legitimately good news) is that this does not look like it can be exploited remotely.  Corporate IT departments will be pulling their hair out about their users gaining Admin access to their corporate laptop, but users at home shouldn't panic (you are already admin).

Microsoft has not covered themselves in glory here - heck, Forbes has an article on this. That's not good PR. In my experience, Microsoft was pretty good at disclosure, but that was a long time ago.

Also, the researcher did not cover himself with glory either. There are something like a billion vulnerable systems out there and he uploaded the warez to GitHub? Not cool.
