The latest security vulnerability was discovered inside both Windows 10 and Windows 11 letting any user access admin privileges inside the operating system. This can, of course, be used by a potential attacker to get full control of the system.
The problem lies in Microsoft's security rules assigned to the Windows Registry and the Security Account Manager. Both for some reason have reduced restrictions allowing any local user to fully access the files without administrator privileges.
The problem is even more amplified if we think about Security Account Manager which includes all account data including the passwords of all users using the same PC. This can provide a potential attacker with all information and let them log on into the administrator account for full control.
Microsoft is aware of the matter and is tracking it with code CVE-2021-36934, and includes a complete workaround for the issue, which includes restricting access to %windir%\system32\config and deleting any restore points or Shadow volumes that were created before that point until the hole is plugged with an official security patch.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesDPSParametersStep 4: After that, look for the “Parameters” registry key and select Permissions. Step 5: Now select your account under Group or user names. Step 6: Next, make sure that the “Full Control” and “Read” boxes are both checked, and then click on the Apply and OK buttons to save the changes. Step 7: Afterwards, navigate to this registry key: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlWDIConfig Step 8: From there, look for the Config key and right-click on it and select Permissions and then click on Add and type “NT Service/DPS in the box and click OK. Step 9: Now select “DPS” and check the Full control box, click OK and exit the Registry Editor. Step 10: Reboot your computer and check if the error is now fixed.
net stop wuauserv net start cryptSvc net start bits net start msiserver
net start wuauserv net start cryptSvc net start bits net start msiserver