There is a Windows error that Microsoft can't fix forever, so a third party has to fix it
CVE-2021-34484 is a Windows local privilege escalation zero-day vulnerability that allows users with administrative rights in Windows 10, Windows 11, and Windows Server.
This vulnerability scores 7.8 in the CVSS v3. So far, there is no sign of this vulnerability being exploited by attackers, but there are still many potential risks.
In August 2021, Microsoft released an official patch for this vulnerability shortly after it was discovered. After that, this bug was marked as fixed, but in fact, Microsoft's patch only fixed part of the problem, the vulnerability still existed.
A few months ago, 0patch discovered this vulnerability in the Windows User Profile Service. So 0patch took action and self-released the patch profext.dll.
By January 2022, Microsoft fixed this bug and replaced the "profext.dll" file, which caused the unofficial fix to be removed from everyone who applied the January Windows updates. 2022. In fact, Microsoft's patches did not fix the error, even breaking the previous unofficial patch of 0patch.
0patch continues to have to update its patch to be compatible with the latest Microsoft Tuesday Update and provide it for free to all registered users.
Affected and updated versions of Windows include:
- Windows 10 v21H1 (32 & 64 bit) updated with the March 2022 Update
- Windows 10 v20H2 (32 & 64 bit) updated with March 2022 Update
- Windows 10 v1909 (32 & 64 bit) updated with the March 2022 Update
- Windows Server 2019 64 bit updated with March 2022 Update
Microsoft said that it is aware of this case and will take appropriate steps to protect the safety of users.
You should read it
- Vulnerability discovered in ESET anti-virus software could allow hackers to gain system privileges on Windows
- 12-year vulnerability in pkexec gives hackers root privileges on Linux
- The Linux vulnerability series is more than '15 years old', allowing hackers to hijack root privileges
- New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worse
- 'Printer Catastrophe' Vulnerability Threatens All Versions of Windows
- Detects a vulnerability that threatens all Windows computers shipped from 2012 up to now
- Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
- Steps to fix PrintNightmare vulnerability on Windows 10
- Exploit code released puts Windows 10 20H2 and Windows Server 20H2 at risk
- Detecting zero-day vulnerability in the Dropbox 10 Windows app, users pay attention!
- This critical vulnerability turns home devices into attack tools
- SEO trend 2021 determines the success of SEO projects in 2021
Maybe you are interested
How to fix the missing language bar error on Windows 11 extremely quickly
Turn off these visual effects to make Windows run smoother!
7 Ways to Customize Windows 11 Notepad
8 settings to change to make your Mac trackpad and keyboard work like Windows
How to add fonts to Word in Windows computer
How to use the file search command on Windows, find saved files