Check Windows 10 for SeriousSAM and HiveNightmare vulnerability
There is a new and very nasty zero-day vulnerability in Windows client operating systems, referred to as SeriousSAM and HiveNightmare. This zero-day bug allows an underprivileged user, and by extension an attacker, to steal credentials, install software, and even create users with high-level permissions. It allows an attacker to read the information stored in the registry hive files:
C:\windows\system32\config\sam
C:\windows\system32\config\security
C:\windows\system32\config\software
C:\windows\system32\config\system
C:\windows\system32\config\default
The only remediation at this point is to reset the permissions on the files listed above, removing the overly permissive entry that lets the Users group read and execute them. Microsoft also recommends deleting VSS shadow copies (which includes System Restore Points) from an affected machine, because existing shadow copies still hold readable copies of these hives.
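The following PowerShell script is an added example for this post, not code from the post or from the HiveNightmare repository. It audits the five hive files named above for an ACL that grants read access to BUILTIN\Users (or Everyone / Authenticated Users), reports how many VSS shadow copies exist, and shows, commented out, the icacls and vssadmin commands from Microsoft's documented workaround for CVE-2021-36934. The function name Test-HiveExposure is my own; run the script from an elevated PowerShell prompt.

```powershell
# Added example (not the post's own code): audit the registry hive files for the
# non-admin read access that CVE-2021-36934 abuses, and count the VSS shadow
# copies that would still expose those files after the ACL is fixed.
$hiveDir = Join-Path $env:windir 'system32\config'
$hives   = 'sam', 'security', 'software', 'system', 'default'

# Identities that should never have read access to the hive files.
$lowPrivIdentities = @('BUILTIN\Users', 'Everyone', 'NT AUTHORITY\Authenticated Users')
$readData = [int][System.Security.AccessControl.FileSystemRights]::ReadData

function Test-HiveExposure {
    param([string]$Path)
    $acl = Get-Acl -Path $Path
    # Any Allow ACE for a low-privilege identity that includes ReadData is the problem.
    $weak = $acl.Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $_.IdentityReference.Value -in $lowPrivIdentities -and
        (([int]$_.FileSystemRights -band $readData) -ne 0)
    }
    [PSCustomObject]@{
        Hive       = Split-Path $Path -Leaf
        Exposed    = [bool]$weak
        Identities = (@($weak.IdentityReference.Value) -join ', ')
    }
}

$results = foreach ($h in $hives) { Test-HiveExposure -Path (Join-Path $hiveDir $h) }
$results | Format-Table -AutoSize

# Shadow copies matter: an old copy still contains the hives with the old, readable ACL.
$shadows = @(Get-CimInstance -ClassName Win32_ShadowCopy)
"Shadow copies present: $($shadows.Count)"

if ($results.Exposed -contains $true) {
    Write-Warning "Hive files are readable by non-admin users; this machine is exposed to CVE-2021-36934."
    # Microsoft's documented workaround: restore ACL inheritance on the config directory
    # (which removes the permissive entry) and delete existing shadow copies.
    # Uncomment to apply. Deleting shadow copies also removes System Restore points.
    # icacls "$hiveDir\*.*" /inheritance:e
    # vssadmin delete shadows /for=c: /Quiet
}
```

The ACL check is done per file rather than on the folder because the flaw is in the access control entry on the hive files themselves; the shadow-copy count is reported separately because fixing the ACL alone leaves any pre-existing copy readable.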
Note the following resources:
Official Microsoft Elevation of Privilege CVE: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36934
Proof-of-concept code that is already available: https://github.com/GossiTheDog/HiveNightmare
Check out my blog post covering the vulnerability and how to check Windows 10 for SeriousSAM and HiveNightmare:
Check Windows 10 for SeriousSAM and HiveNightmare Vulnerability Fix