Another Zero Day Exploit For Microsoft

Even Windows 11 is affected.

Apparently, one can open a command line window and deploy an exploit to raise permissions on a machine using a .exe file freely available on Github. Nice.

The exploit works on Windows 10, Windows 11 and Windows Server versions of this OS. The exploit consists of a low privileged user raising their own privileges by running basic commands on the CMD prompt. Fascinating.

Bleeping Computer Blog Finds Exploit

The exact issue is described by BleepingComputer yesterday in a much circulated blog post:

[BP] has tested the exploit and used it to open to command prompt with SYSTEM privileges from an account with only low-level ‘Standard’ privileges.

– Bleeping Computer