New Exploits Discovered in Windows and Linux

Exploits were recently discovered in the latest versions of Windows 10/11 and Linux by two separate groups of independent cybersecurity researchers.

Both of the vulnerabilities can be exploited by hackers to give non-admin users full access to the respective operating system.

The Windows exploit was discovered by security researcher Jonas Lykkegaard, who shared his findings on Twitter. Lykkegaard discovered that the Windows 10 and 11 registry files associated with the Security Account Manager (SAM) are accessible to the "User" group, which has minimal access privileges on a computer.

The SAM is a database that stores user accounts and account descriptors. With this bug, malicious actors could, according to Microsoft, "…Install programs; view, change, or delete data; or create new accounts with full user rights."

The Linux vulnerability was discovered by researchers at cybersecurity firm Qualys with the team dubbing the bug, "Sequoia." According to a post on Qualys’ blog, the researchers verified that Sequoia could be found on "default installations of Ubuntu 20.04, [20.10], [21.04], Debian 11, and Fedora 34 Workstation."

While they haven’t confirmed it yet, the researchers suggest that other Linux systems could have the vulnerability.

In a security advisory, Microsoft confirmed the exploit affects Windows 10 version 1809 and newer systems. Version 1809 released in October 2018, so versions of the OS released since have the bug. The company has yet to release a patch to fix the exploit, but until then, Microsoft has delivered a temporary workaround solution which can be found in the aforementioned advisory.

As for Linux, Qualys released a proof of concept video detailing how the exploit can be done and recommends that users patch this vulnerability immediately. The firm is currently working on releasing patches as they become available so Linux users will have to wait. Users can find these patches on the Qualys blog.