WINDOWS Vulnerability MAKES USER COMPLETE WITH DATA AND PASSWORD

Password researchers have just discovered an access-related nightmare, called HiveNightmare, aka SeriousSAM.

Recently, security researcher Jonas Lykkegaard, confirmed on Twitter that he discovered a critical vulnerability on WIndows 11. At first, Jonas just thought he was looking for a regression software in the Insider of print. WIndows 11, but he discovered that regular users without elevated permissions were able to access the contents of a file database associated with the Windows Registry.

Specifically, Jonas found, he could read the contents of the Security Account Manager (SAM), which stores password tapes for every user on a Windows PC, as well as other Windows Registry databases.

This issue has been confirmed by Kevin Beaumont and Jeff McJunkin. These two security researchers did some additional testing and found it affects Windows 10 version 1809 and later, even the latest Insider versions of WINdows 11. Version 1803 and later down, same all Windows Server version, are not affected by this issue.

Microsoft has acknowledged this vulnerability and is currently working on a patch. The company's security bulletin explains that attackers successfully exploiting this vulnerability will be able to create an account on the affected machine and gain system privileges - the highest level of access in Windows. This means that an attacker can view and change your files, install apps, create new user accounts, and execute any code with elevated privileges.

This is a serious but potentially unexploited problem, because an attacker needs to first penetrate the target system with another vulnerability. And according to the US Computer Emergency Readiness Group (US-CERT), to accomplish that malicious purpose, the system will need to enable Volume Shadow Copy Service.