Security News > 2021 > July > Make-me-admin holes found in Windows, Linux kernel

Recent builds of Windows 10, and the preview of Windows 11, have a misconfigured access control list for the Security Account Manager, SYSTEM, and SECURITY registry hive files.

You may think you're safe because your Windows PC doesn't have a suitable VSS shadow copy, yet there are ways to end up quietly creating one and put your machine at risk.

According to the advisory: "Note that VSS shadow copies may not be available in some configurations, however simply having a system drive that is larger that 128GB in size and then performing a Windows Update or installing an MSI will ensure that a VSS shadow copy will be automatically created."

Q: what can you do when you have #mimikatz🥝 & some Read access on Windows system files like SYSTEM, SAM and SECURITY?

It's not just Windows: a security hole has been discovered in Linux kernels since version 3.16 that can be exploited by rogue users and malware already on a system to gain root-level privileges.

Qualys also found another security weakness in Linux systems, CVE-2021-33910, a denial-of-service kernel panic via systemd.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/07/21/windows_linux_privilege_escalation/