Microsoft warns ALL Home windows 10 customers: you could observe these steps now

Windows 10 users have been put on high alert over a dangerous new bug lurking in the popular desktop operating system. Called SeriousSAM, attackers can gain administrator rights on vulnerable systems – so they can install malware, applications, delete files, and much more. SeriousSAM is a so-called “zero-day vulnerability”, which means that attackers already know how to exploit the vulnerability. That means Microsoft is in a race against the hackers – to fix the problem before too many people fall victim to hackers who take advantage of the problem.

Fortunately, Microsoft is working on a fix. However, these things take time. And while the Redmond-based company is working hard on a permanent patch for the problem, known as CVE-2021-36934, Microsoft has released a workaround to help protect your laptop, desktop, or tablet from these attacks.

“An elevation of privilege vulnerability exists due to excessively permissive access control lists (ACLs) on several system files, including the Security Accounts Manager (SAM) database,” Microsoft said in a security advisory released earlier this week. “An attacker could then install programs, view, change or delete data or create new accounts with full user rights. An attacker must be able to execute code on a victim system to exploit this vulnerability. “

This latest zero-day vulnerability affects all versions of Windows introduced from October 2018 through today.

CONTINUE READING
Even more Fire TV users have now unlocked the biggest upgrade since launch

Microsoft has shared the following steps to block the exploitation of this vulnerability until the final fix comes in …

Restrict access to the contents of% windir% system32config:

  • Open Command Prompt or Windows PowerShell as an administrator.
  • Run this command: icacls% windir% system32config *. * / Inheritance: e

Delete Volume Shadow Copy Service (VSS) shadow copies:

  • Delete all system restore points and shadow volumes that existed before access to% windir% system32config was restricted
  • Create a new system restore point (if desired)

While the workaround will keep your computer safe, there are some side effects. Microsoft has warned users that deleting these shadow copies from their systems – as explained above – will affect some system and file recovery operations, such as when using a third-party backup app to restore data. If you or your company depend on a third-party backup solution, it may be worthwhile to skip the workaround for now.

With a little luck, a permanent solution that won’t break some backup solutions will come very soon.

“We are investigating and, if necessary, will take appropriate measures to ensure the protection of customers,” assured a Microsoft spokesman in an interview with the security blog Bleeping Computer.

Leave A Reply

Your email address will not be published.