23 Jul Microsoft issues warning to ALL Windows 10 users: You need to follow these steps now
Microsoft issues warning to ALL Windows 10 users: You need to follow these steps now
MICROSOFT has issued a stark warning to Windows 10 users about a new zero-day flaw, which could allow hackers to delete or steal your personal data, create new accounts on your PC, and much more.
Windows 10 users have been put on high alert over a dangerous new flaw found lurking inside the popular desktop operating system. Dubbed SeriousSAM, it allows bad actors to gain administrator rights on vulnerable systems – enabling them to install malware, applications, delete files, and much more. SeriousSAM is a so-called “zero-day vulnerability”, which means that attackers are already aware of how to leverage the flaw. That means Microsoft is in a race against the hackers – to fix the problem before too many people fall victim to hackers exploiting the issue.
Thankfully, Microsoft is working on a fix. However, these things take some time. And while the Redmond-based company is hard at work on a permanent patch for the problem, which it refers to as CVE-2021-36934, Microsoft has shared a workaround to protect your laptop, desktop PC, or tablet from these attacks.
“An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database,” Microsoft explains in a security advisory published earlier this week. “An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have the ability to execute code on a victim system to exploit this vulnerability.”
This latest zero-day vulnerability impacts all versions of Windows launched from October 2018 to present.
Restrict access to the contents of %windir%system32config:
Open Command Prompt or Windows PowerShell as an administrator.
Run this command: icacls %windir%system32config*.* /inheritance:e
Delete Volume Shadow Copy Service (VSS) shadow copies:
Delete any System Restore points and Shadow volumes that existed prior to restricting access to %windir%system32config
Create a new System Restore point (if desired)
While the workaround will keep your machine safe, there are some side effects. Microsoft has cautioned users that deleting these shadow copies from their systems – as explained above – will impact some system and file restore operations, for example, if you use a third-party backup app to restore data. If you or your business relies on a third-party backup solution, it might be worth swerving the workaround for the time being.
With any luck, a permanent fix, that doesn’t break some backup solutions, will be coming very soon.
Your Cloud service provider – Downtown
Our team of experts enable companies to enjoy the advanced opportunities offered by Cloud technologies. Our Cloud solutions include offsite data backup, data sync services, Hosted Exchange, and Office 365. Those same experts will work alongside you to be sure we not only implement the best technological solutions to improve the way you work but also ensure it is as straightforward as possible. You and your team will be educated throughout the entire process and be confident that your systems are secure at all times.
Contact us now to find out how we can help you.
Source: https://www.express.co.uk