Windows 10 and Linux security flaws could let hackers hijack your work machine

representational image of a cloud firewall
(Image credit: Pixabay)

Two independent teams of cybersecurity researchers have discovered separate privilege escalation vulnerabilities in the latest versions of Windows 10/11 and Linux.

According to reports, while the Windows bug impacts recent builds of Windows 10 (build 1809 and newer), and the preview of Windows 11, the Linux vulnerability was successfully exploited by researchers on machines running Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation.

Both flaws can be exploited by malicious users to switch from non-administrative local users to the fully-privileged admin/root user on the respective operating system.

TechRadar needs yo...

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.

>> <a href="https://project.tolunastart.com/tqsruntime/main?surveyData=LFFFsT0HpgsyUe0tTFumBJohXK8Sedt0ARpsCF4DRGR+oCoVbvd+2+d8+UNIIx4L" data-link-merchant="project.tolunastart.com"" target="_blank">Click here to start the survey in a new window <<

I am root

According to BleepingComputer, the Windows vulnerability, tracked as CVE-2021-36934, exploits the misconfigured access control list (ACL) for the Security Account Manager (SAM), SYSTEM, and SECURITY registry hive files.

Exploiting the bug enables non-administrative users to read these sensitive registry data stores, and use their contents to gain elevated privileges. 

On the other hand, the Linux vulnerability, tracked as CVE-2021-33909 is dubbed Sequoia because of its deep roots in the Linux file system layer. 

In a blog post Bharat Jogi, Sr. Manager, Vulnerabilities and Signatures, Qualys, who discovered the vulnerability, writes that any unprivileged local attacker can exploit the bug by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB. 

Qualys has also put up a video demonstrating their proof of concept that successfully exploits the vulnerability to grant root user privileges to an unprivileged user on the vulnerable host. 

Via BleepingComputer

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.