Windows 11 has also been hit: Microsoft confirms the existence of high-risk vulnerabilities

The official version of Microsoft’s new system, Windows 11, was launched in early October. Its new interface and features have won over many users, but some have run into problems. According to user feedback reported by foreign media, memory usage is too high after upgrading to Windows 11, which causes the interface to freeze and game frame rates to drop.

Core Research Institute reported on November 26 that the computer security organization Cisco Talos discovered a new vulnerability that affects all Windows versions, including Windows 11 and Windows Server 2022. The vulnerability exists in the Windows Installer and allows an attacker to elevate privileges to administrator. By exploiting it, a user with limited permissions can elevate to system administrator. The security company has found malware samples on the Internet, which indicates that hackers may have used the vulnerability to launch attacks.

Prior to this, Microsoft security researcher Abdelhamid Naceri reported this vulnerability to Microsoft, and a fix tracked as CVE-2021-41379 was reportedly released on November 9. However, the patch does not seem to be enough, because the problem still exists, which led Naceri to release a proof of concept on GitHub.

Microsoft rated the vulnerability as “medium severity”, with a CVSS (Common Vulnerability Scoring System) base score of 5.5 and a temporal score of 4.8. Now that functional proof-of-concept code exists, others can try to abuse it further, possibly increasing these scores. Currently, Microsoft has not released a new update to mitigate this vulnerability.

In addition, it was previously reported that Windows 11 degrades AMD Ryzen processor performance, that some network card driver management software is incompatible, and that the Start menu freezes and cannot be clicked with the mouse.

Although some bugs have been patched in subsequent updates, the updates do not seem to have completely solved the problems, and there are high-risk vulnerabilities as well.
