After a security hole was discovered that left computers vulnerable to hackers despite TWO updates, Microsoft issued a warning to Windows users.

Microsoft users have been issued a WARNING after a new vulnerability was discovered that leaves them vulnerable to hackers.

After reports of a botched security update that failed to handle the threat, Microsoft Windows 10 and Windows 11 users are being advised to be on high alert.

According to Forbes, the flaw was discovered earlier this year, but the fix Microsoft implemented worsened the problem, leaving a security hole in all major Windows versions.

According to reports, the faulty fix is "more powerful than the original," allowing hackers to take control of computers.

Hackers have already taken advantage of the flaw, according to Forbes.

"We looked at recent malware samples during our investigation and were able to identify several that were already attempting to leverage the exploit," Nick Biasini, Cisco Talos' Head of Outreach, told BleepingComputer.

"Given the low volume, this is most likely people working on the proof-of-concept code or testing for future campaigns; it's just another example of how quickly adversaries work to weaponize a publicly available exploit."

Abdelhamid Naceri, a security researcher, made the flaw public.

It bypasses the previous flaw, CVE-2021-41379, which Microsoft thought it had patched in November, according to him.

It "allows a hacker to elevate privileges, allowing them to take control of a computer and spread their attacks across the victim's network," according to Forbes.

When exploited, the vulnerability grants the attacker system privileges on all up-to-date devices running the latest Windows releases, according to Bleeping Computer.

These are the most powerful user rights in Windows.

It allows the attacker to run any command on the operating system.

According to experts, a Microsoft update may be the only way to fix this new flaw.

"Due to the complexity of this vulnerability, the best workaround available at the time of writing this is to wait for Microsoft to release a security patch," Naceri explained.

"Any attempt to patch the binary directly will break Windows installer; you'd be better off waiting to see how Microsoft screws up the patch again."

Microsoft has acknowledged the flaw and stated that it is working to protect users.

"We are aware of the disclosure and will take all necessary steps to protect our customers," the company said in a statement to Bleeping Computer.

"An attacker using the methods described must already have access to a target victim's machine and the ability to run code on it."

0patch, a security platform, is said to be working on a temporary fix to give Microsoft more time to fix the issue.

In other news, Android users are being advised to update their phone's privacy settings after a new update may expose their devices to security threats.

According to reports, Samsung has discontinued one of its most popular smartphone lines.

In a popular TikTok video, a tech expert revealed some exciting hidden Google features.

Get the amazing news right in your inbox

about author
Leave a Reply