Security News > 2021 > November > New Windows zero-day with public exploit lets you become an admin
A security researcher has publicly disclosed an exploit for a new Windows zero-day local privilege elevation vulnerability that gives admin privileges in Windows 10, Windows 11, and Windows Server.
The vulnerability affects all supported versions of Windows, including Windows 10, Windows 11, and Windows Server 2022.
Yesterday, Naceri published a working proof-of-concept exploit for the new zero-day on GitHub, explaining that it works on all supported versions of Windows.
00 bounty award under the Windows Insider Preview Bounty Program.
As is typical with zero days, Microsoft will likely fix the vulnerability in a future Patch Tuesday update.
"Any attempt to patch the binary directly will break windows installer. So you better wait and see how Microsoft will screw the patch again."
News URL
Related news
- LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers (source)
- New Mirai botnet targets industrial routers with zero-day exploits (source)
- Security pros baited with fake Windows LDAP exploit traps (source)
- Zero-day exploits plague Ivanti Connect Secure appliances for second year running (source)
- Nominet probes network intrusion linked to Ivanti zero-day exploit (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025 (source)
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)