News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon

We're community supported and proud of it!

  • 0Patch fixed Windows 10 Zero Day CVE-2021-24084 bug (free)

    Home » Forums » AskWoody support » Windows » 0Patch fixed Windows 10 Zero Day CVE-2021-24084 bug (free)

    Author
    Topic
    #2404016

    https://blog.0patch.com/2021/11/micropatching-unpatched-local-privilege.html

    Micropatching Unpatched Local Privilege Escalation in Mobile Device Management Service (CVE-2021-24084 / 0day)

    by Mitja Kolsek, the 0patch Team

    In June 2021, security researcher Abdelhamid Naceri published a blog post about an “unpatched information disclosure” vulnerability in Windows. The post details the mechanics of the issue and its exploitation, allowing a non-admin Windows user to read arbitrary files even if they do not have permissions to do so. The exploit namely copies file(s) from a chosen location into a CAB archive that the user can then open and read.

    Abdelhamid’s blog post also provides the timeline of reporting the vulnerability to Microsoft through ZDI in October 2020, Microsoft assigning a CVE ID to the issue and allegedly planning to fix it in April 2021, and the latter not happening in April. Or June. Or July or August or September or October.

    While we had noticed Abdelhamid’s June disclosure, it didn’t seem to be a critical enough issue for micropatching, as we generally don’t patch information disclosure bugs.

    In November, however, Abdelhamid pointed out that this – still unpatched – bug may not be just an information disclosure issue, but a local privilege escalation vulnerability. Namely, as HiveNightmare/SeriousSAM has taught us, an arbitrary file disclosure can* be upgraded to local privilege escalation if you know which files to take and what to do with them. We confirmed this by using the procedure described in this blog post by Raj Chandel in conjunction with Abdelhamid’s bug – and being able to run code as local administrator….

    The micropatch is free for everyone.

    • This topic was modified 1 month, 4 weeks ago by Alex5723.
    Reply To: 0Patch fixed Windows 10 Zero Day CVE-2021-24084 bug (free)

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.