Security News > 2021 > July > Microsoft Issues Windows 10 Workaround Fix for ‘SeriousSAM’ Bug
A privilege escalation bug, affecting versions of Windows 10, received a workaround fix by Microsoft Wednesday to prevent attackers from accessing data and creating new accounts on compromised systems.
The bug, dubbed SeriousSAM, affects the Security Accounts Manager database in all versions of Windows 10.
A prerequisite for abuse of the bug is an adversary needs either remote or local access to the vulnerable Windows 10 system.
Simply stated, an attacker could leverage the bug to gain access to the SAM database of hashed credentials, which then could be decrypted offline and used to bypass Windows 10 user access controls.
In a Tweet by Lyk, the researcher said the bug also impacts pre-production versions of Windows 11.
The researcher said the bug was discovered while tinkering with Windows 11.
News URL
https://threatpost.com/win-10-serioussam/168034/
Related news
- Microsoft silently fixes Start menu bug affecting Windows 10 PCs (source)
- Microsoft will update Office apps on Windows 10 until 2028 (source)
- Microsoft confirms May Windows 10 updates trigger BitLocker recovery (source)
- Microsoft's killing script used to avoid Microsoft Account in Windows 11 (source)
- Microsoft tests new Windows 11 tool to remotely fix boot crashes (source)
- New Windows 11 trick lets you bypass Microsoft Account requirement (source)
- Microsoft adds hotpatching support to Windows 11 Enterprise (source)
- Microsoft starts testing Windows 11 taskbar icon scaling (source)
- Windows 11 Forces Microsoft Account Sign In & Removes Bypass Trick Option (source)
- Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws (source)