Security News > 2021 > July > Microsoft Issues Windows 10 Workaround Fix for ‘SeriousSAM’ Bug
A privilege escalation bug, affecting versions of Windows 10, received a workaround fix by Microsoft Wednesday to prevent attackers from accessing data and creating new accounts on compromised systems.
The bug, dubbed SeriousSAM, affects the Security Accounts Manager database in all versions of Windows 10.
A prerequisite for abuse of the bug is an adversary needs either remote or local access to the vulnerable Windows 10 system.
Simply stated, an attacker could leverage the bug to gain access to the SAM database of hashed credentials, which then could be decrypted offline and used to bypass Windows 10 user access controls.
In a Tweet by Lyk, the researcher said the bug also impacts pre-production versions of Windows 11.
The researcher said the bug was discovered while tinkering with Windows 11.
News URL
https://threatpost.com/win-10-serioussam/168034/
Related news
- Microsoft fixes Windows 10 bug causing apps to stop working (source)
- Microsoft just killed the Windows 10 Beta Channel again (source)
- Microsoft just killed the Windows 10 Beta Channel for good (source)
- Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls (source)
- Microsoft fixes Windows KB5043145 reboot loops, USB and Bluetooth issues (source)
- What Is Inside Microsoft’s Major Windows 11 Update? (source)
- Microsoft warns of Windows 11 24H2 gaming performance issues (source)
- Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)
- Windows 10 KB5044273 update released with 9 fixes, security updates (source)