Security News > 2021 > July > Microsoft Issues Windows 10 Workaround Fix for ‘SeriousSAM’ Bug
A privilege escalation bug, affecting versions of Windows 10, received a workaround fix by Microsoft Wednesday to prevent attackers from accessing data and creating new accounts on compromised systems.
The bug, dubbed SeriousSAM, affects the Security Accounts Manager database in all versions of Windows 10.
A prerequisite for abuse of the bug is an adversary needs either remote or local access to the vulnerable Windows 10 system.
Simply stated, an attacker could leverage the bug to gain access to the SAM database of hashed credentials, which then could be decrypted offline and used to bypass Windows 10 user access controls.
In a Tweet by Lyk, the researcher said the bug also impacts pre-production versions of Windows 11.
The researcher said the bug was discovered while tinkering with Windows 11.
News URL
https://threatpost.com/win-10-serioussam/168034/
Related news
- Microsoft just killed the Windows 10 Beta Channel again (source)
- Microsoft just killed the Windows 10 Beta Channel for good (source)
- Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls (source)
- Microsoft blames Windows Server 2025 automatic upgrades on 3rd-party tools (source)
- Windows 10 KB5046613 update released with fixes for printer bugs (source)
- Microsoft fixes bugs causing Windows Server 2025 blue screens, install issues (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft shares more details on Windows 11 admin protection (source)
- Microsoft now testing hotpatch on Windows 11 24H2 and Windows 365 (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)