Another Zero Day Exploit For Microsoft
Even Windows 11 is affected.
Apparently, one can open a command line window and deploy an exploit to raise permissions on a machine using a .exe file freely available on Github. Nice.
The exploit works on Windows 10, Windows 11 and Windows Server versions of this OS. The exploit consists of a low privileged user raising their own privileges by running basic commands on the CMD prompt. Fascinating.
Bleeping Computer Blog Finds Exploit
The exact issue is described by BleepingComputer yesterday in a much circulated blog post:
[BP] has tested the exploit and used it to open to command prompt with SYSTEM privileges from an account with only low-level ‘Standard’ privileges.
– Bleeping Computer