Facepalm: Since last summer, Microsoft’s security team has been chasing a potentially dangerous vulnerability that affects all currently supported versions of Windows. So far, Redmond developers have failed to fix it twice. This week, an outside group released its own patch for the second time.
Third-party patching platform 0patch released its second fix for a local privilege escalation vulnerability after Microsoft’s latest patching attempt broke the group’s first patch. The latest version works for the March 2022 editions of Windows 10 v21H1, v20H2, v1909 and Windows Server 2019. Downloading it requires a free account on 0patch’s website.
A Bug That Won’t Die (CVE-2021-34484) – Bypassed twice and micropatched twice, will the third time be a charm? https://t.co/BqzFrC9P3E
— 0patch (@0patch) March 21, 2022
The whole debacle started last August when security researcher Abdelhamid Naceri discovered a vulnerability (CVE-2021-34484) that gives attackers administrative privileges. It affects Windows 11, Windows 10 and Windows Server. Microsoft attempted to fix the flaw as part of its August 2021 Patch Tuesday, but Naceri quickly developed a proof of concept that circumvented Microsoft’s fix.
In November, 0patch came up with its first unofficial solution, which proved effective. However, Microsoft released a second official patch as part of the January 2022 Patch Tuesday. Not only did Naceri find a way around it, but applying it also rolled back 0patch’s working fix.
Developers at 0patch have now ported a new fix to versions of Windows with the latest updates from Microsoft. The group says the first patch still protects versions of Windows that are no longer officially supported, such as Windows 10 v1803, v1809 and v2004.