This nasty Windows 10 zero-day vulnerability finally has an unofficial fix

Start11 on Windows 11 in an office, displayed on a PC
(Image credit: Shutterstock / Stardock - kathayut kongmanee)

A nasty zero-day Windows vulnerability that Microsoft’s has so far been unsuccessful at patching has finally got an unofficial fix.

The CVE-2021-34484 (and later CVE-2022-21919), a 7.8 severity vulnerability allows elevation of privilege in Windows 10, Windows 11, and Windows Server, but has now been fixed by the 0patch team, and is available for download on this link for all registered users.

The flaw was first discovered by security researcher Abdelhamid Naceri, who disclosed it to Microsoft in the summer of 2021, with the company issuing a fix as part of its August 2021 Patch Tuesday. 

TechRadar needs yo...

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.

>> Click here to start the survey in a new window <<

If it's not broken, don't try to fix it

However, Naceri soon discovered that the patch itself was flawed, and published a proof-of-concept that showcase how an attacker could still abuse the vulnerability. Where Microsoft failed, 0patch succeeded. However, when Microsoft realized the patch failed, it gave the vulnerability a new tracking ID (CVE-2022-21919) and pushed another fix.

This one, according to Naceri, was “worse than the first” as it removed the initial unofficial fix, putting everyone who had applied it, back in harm’s way.

Now, 0patch has ported the fix, which now works with the March 2022 Patch Tuesday update. Same as with the previous one, this one is free for registered users, as well. Here’s the list of OS versions that can apply it: 

Windows 10 v21H1 (32 & 64 bit) updated with March 2022 Updates
Windows 10 v20H2 (32 & 64 bit) updated with March 2022 Updates
Windows 10 v1909 (32 & 64 bit) updated with March 2022 Updates
Windows Server 2019 64 bit updated with March 2022 Updates

0patch’s original patch still works on Windows 10 1803, Windows 10 1809, and Windows 10 2004.

There are no evidence of the flaws being abused in the wild with malware, or viruses, the publication confirmed. The devices that reached end of life did not receive the update. 

Via: BleepingComputer

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.