Security News > 2021 > November > Zero-day bug in all Windows versions gets free unofficial patch
2021-11-12 12:28
A free and unofficial patch is now available for a zero-day local privilege escalation vulnerability in the Windows User Profile Service that lets attackers gain SYSTEM privileges under certain conditions.
The bad news is that it impacts fully-updated devices running all Windows versions, including Windows 10, Windows 11, and Windows Server 2022.
While Microsoft is still working on a security update to address this zero-day flaw, the 0patch micropatching service has released Thursday a free unofficial patch.
Windows 10 v21H1 updated with October or November 2021 Updates.
Windows 10 v20H2 updated with October or November 2021 Updates.
Windows 10 v1909 updated with October or November 2021 Updates.
News URL
Related news
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- New Windows Themes zero-day gets free, unofficial patches (source)
- Windows Themes zero-day bug exposes users to NTLM credential theft (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- How a Windows zero-day was exploited in the wild for months (CVE-2024-43451) (source)
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)