Microsoft acknowledges Windows 11 and Windows 10 admin privileges vulnerability
Microsoft issued a security advisory regarding the recently discovered admin privileges vulnerability.
What you need to know
Windows 11 and Windows 10 PCs have a vulnerability that allows users with low privileges to access Registry files. We reported on the issue in depth on July 20, 2021, but Microsoft has since acknowledged the issue in a security advisory.
“We are investigating and will take appropriate action as needed to help keep customers protected,” said Microsoft in a statement to BleepingComputer.
The Windows Registry stores several types of secure information, including passwords and decryption keys. As a result, Registry files are only supposed to be accessible to users with elevated privileges. The vulnerability affects PCs running Windows 11 or Windows 10.
Security researcher Jonas Lykkegaard flagged the vulnerability to BleepingComputer. Lykkegaard discovered that Registry files associated with the Security Account Manager and other Registry databases could be accessed by anyone in the low-privileged “Users” group on a device.
There’s a chance that this vulnerability is related to the Windows Update process. It’s been confirmed that the issue affects a fully patched Windows 10 20H2 build. It’s also been noted that it is not present in PCs with a clean installation of Windows 20H2.
Microsoft shared a workaround for the vulnerability in its security advisory:
Restrict access to the contents of %windir%\system32\config
Delete Volume Shadow Copy Service (VSS) shadow copies
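The two workaround steps above, as an added example that is not from the article or quoted from Microsoft's advisory: a PowerShell script that first audits whether the “Users” group can read the hive files and whether shadow copies exist, and only changes anything when run with the hypothetical `-Remediate` switch. The article lists the steps but not the commands, so the `icacls` and `vssadmin` invocations are this example's assumption of how to carry them out; save it as a script and run it from an elevated session.

```powershell
# Added example: audit, then optionally apply, the two workaround steps.
# Run from an elevated PowerShell session.
param([switch]$Remediate)   # hypothetical switch: audit only unless set

$configDir = Join-Path $env:windir 'System32\config'
$usersSid  = 'S-1-5-32-545'   # well-known SID of the BUILTIN\Users group

function Get-UsersAllowRules([string]$Path) {
    # Return explicit and inherited allow ACEs granted to BUILTIN\Users.
    $acl = Get-Acl -LiteralPath $Path
    $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier]) |
        Where-Object { $_.IdentityReference.Value -eq $usersSid -and
                       $_.AccessControlType -eq 'Allow' }
}

# Audit 1: Registry hive files that the Users group is allowed to access.
$exposed = foreach ($hive in 'SAM', 'SYSTEM', 'SECURITY') {
    $path  = Join-Path $configDir $hive
    $rules = @(Get-UsersAllowRules $path)
    if ($rules.Count -gt 0) {
        [pscustomobject]@{
            Path   = $path
            Rights = ($rules.FileSystemRights -join '; ')
        }
    }
}
if ($exposed) { $exposed | Format-Table -AutoSize }
else          { 'No allow ACE for BUILTIN\Users on the checked hive files.' }

# Audit 2: shadow copies can hold older copies of the same hive files.
vssadmin list shadows

if ($Remediate) {
    # Workaround step 1: restrict access to the contents of the config folder
    # (assumption: done here by re-enabling ACL inheritance on the files).
    icacls "$configDir\*.*" /inheritance:e

    # Workaround step 2: delete shadow copies of the system drive.
    vssadmin delete shadows "/for=$($env:SystemDrive)" /quiet
}
```

Deleting shadow copies also removes existing restore points, so create a fresh one once the ACLs are corrected.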
While security issues aren’t rare, several notable vulnerabilities have caused problems with Windows recently. The Print Spooler saga started at the beginning of this month and continues to be a problem.
Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He’s covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean’s journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.