Security researcher Abdelhamid Naceri has published a serious Windows vulnerability on the Internet in protest at Microsoft's low rewards for researchers who report vulnerabilities. The vulnerability could allow an attacker to gain full administrator rights on a computer within seconds.
Naceri took a closer look at a fix from Microsoft in early November 2021. He found that the bug had not been properly fixed and that, by working around the patch, he was able to develop an even more powerful version of the exploit. He published his findings on this vulnerability as a proof of concept on the widely used public code platform GitHub.
Bleeping Computer's test shows that it is a serious vulnerability. They ran the exploit on a test PC with the most recent version of Windows 10. The exploit turned out to be very simple to perform: by running a .exe installation file, a regular account without elevated rights is turned within a few seconds into an administrator account with full access to the computer.
In many companies, user-rights policies ensure that ordinary users are not allowed to install programs, but this zero-day works even when those policies are strict. This makes even large companies with better security vulnerable.
Normally, a researcher reports such a vulnerability to the software developer so that it can be fixed quietly. Depending on how severe the vulnerability is, the researcher receives a reward in return, known as a bug bounty. These rewards can range from hundreds to tens of thousands of dollars, or even more. According to Naceri, Microsoft's bug bounties have been significantly lower since April 2020 than they were before.
Finding and working out a vulnerability often takes a lot of time and effort, so researchers are shocked when bounties that used to be worth $10,000 are now worth $1,000.