[ad_1]
Facepalm: Since final summer season, a probably harmful vulnerability affecting all currently-supported variations of Windows has eluded Microsoft’s safety workforce. So far, Redmond builders have failed to repair it twice. This week an out of doors group launched its personal patch for the second time.
Third-party platform 0patch has launched its second repair for an area privilege escalation vulnerability after Microsoft’s newest try at mitigation broke the group’s first patch. The newest model works for the March 2022 editions of Windows 10 v21H1, v20H2, v1909, and Windows Server 2019. Downloading it requires a free account at 0patch’s web site.
A Bug That Doesn’t Want To Die (CVE-2021-34484) – Twice Bypassed and Twice Micropatched, Will Third Time be a Charm? pic.twitter.com/VooVZILHSk
— 0patch (@0patch) March 21, 2022
The entire debacle began final August when safety researcher Abdelhamid Naceri found a vulnerability (CVE-2021-34484) that provides attackers administrator-level privileges. It impacts Windows 11, Windows 10, and Windows Server. Microsoft tried to repair the exploit as a part of August 2021 Patch Tuesday, however Naceri quickly developed a proof of idea that circumvented Microsoft’s repair.
In November, 0patch stepped in with its first unofficial repair, which proved efficient. However, Microsoft launched a second official patch as a part of January 2022 Patch Tuesday. Not solely did Naceri discover a means round this one, however making use of it additionally undid 0patch’s working answer.
Developers at 0patch have now ported a brand new repair to variations of Windows with Microsoft’s newest updates. The group says its first patch nonetheless protects Windows variations that now not obtain official help—like Windows 10 v1803, v1809, and v2004.
[ad_2]