What is SeriousSAM?
Microsoft’s Windows 10 and Windows 11 (currently in beta) have been found vulnerable to a new local privilege escalation vulnerability that permits users with low-level permissions to access Windows system files. This unauthorized access would enable a hacker to unmask the operating system installation password and even decrypt private keys.
The vulnerability has been nicknamed “SeriousSAM.”
Why should you care?
This exploit would give a malicious hacker access to system privileges and permit them to run arbitrary code. The attacker would then be free to download and install any program they wished. They could delete, change, or view data, or give themselves full user rights to your system.
“An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
Successful exploitation of the flaw, however, requires that the attacker already has a foothold and the ability to execute code on the victim system.
This is the third publicly disclosed unpatched bug in Windows since the release of Patch Tuesday updates on July 13, 2021. Two more vulnerabilities affecting the Print Spooler component have also been discovered, prompting Microsoft to urge all users to stop and disable the service to protect systems against exploitation.
If you would like to learn more, check out the following links:
Source – https://thehackernews.com/2021/07/new-windows-and-linux-flaws-give.html
How to mitigate – https://thehackernews.com/2021/07/how-to-mitigate-microsoft-windows-10-11.html
Microsoft Tracking – https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36934