What you need to know
- Researchers discovered a vulnerability in Windows that allows threat actors to create Admin accounts on PCs.
- All supported versions of Windows before the January 2022 Patch Tuesday updates can be affected by the vulnerability.
- Microsoft fixed the vulnerability with its January 2022 Patch Tuesday updates.
A security researcher recently shared details regarding a vulnerability in Windows that lets people gain elevated access to PCs (via Bleeping Computer). These types of vulnerabilities are relatively common and are often discovered, fixed, and then disclosed. They allow threat actors with access to a PC to open applications as an administrator or to create new admin accounts on a PC. This elevated access can then be used in various malicious ways.
Microsoft fixed the vulnerability in question, which is labeled as CVE-2022-21882, in its January 2022 Patch Tuesday updates. The vulnerability was discovered by RyeLv. Will Dorman, an analyst at CERT/CC, later confirmed that the vulnerability can be used to gain elevated access.
BleepingComputer was able to use the vulnerability to open the Notepad app with elevated privileges. Lawrence Abrams, the editor in chief of BleepingComputer, clarified that while he could only get the exploit to work on Windows 10 that it does affect Windows 11.
Since the vulnerability has already been fixed, many PCs are not affected by it. BleepingComputer notes, however, that some admins skipped the January 2022 Patch Tuesday updates because of a collection of critical bugs. As a result, some PCs remain vulnerable to the exploit.
Microsoft has since released updates to address the issues in the January 2022 Patch Tuesday updates, so it's probably worth upgrading now. If admins still decide to wait, all of the aforementioned fixes should ship to PCs in February 2022.
