Watch out for the latest Windows 11 and Windows 10 admin privileges vulnerability

Never underestimate the importance of the Windows Registry.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

What you need to know

What you need to know

Update July 21, 2021 at 12:45 p.m. ET:Microsoft has confirmed the vulnerability’s existence, labeling itCVE-2021-36934. It affects “Windows 10 version 1809 and newer operating systems,” according to Microsoft.

The fight for security is neverending, as can be evidenced by the fact that yet another vulnerability is leavingWindows 11and Windows 10 users exposed not long afterWindows Print Spooler issuesthrew everyone, all the way up to theU.S. government, for a loop. Now you can worry about your printer as well as the contents of your Windows Registry.

In case you’re not familiar with what’s stored in the Windows Registry, lots of useful info is hidden away in there. Passwords, app configuration options, associated Windows security tokens, and more are all inside it. Typically, you needn’t worry about the contents of the Windows Registry because users without elevated privileges can’t access it.

Given that we’re gathered here to discuss a potentially crippling Windows vulnerability, you can see where this is going.

As reported byBleepingComputer, it’s been discovered that low-privilege users can, in fact, access Registry content, including key items such as Security Account Manager (SAM) files, by utilizing Windows shadow volume copies. BleepingComputer breaks down the consequences for Windows 11 and Windows 10 in detail, but the long and short of it is that threat actors can use the vulnerability to snag important passwords and gain elevated system privileges.

Though this issue was confirmed to be present on a fully patched Windows 10 20H2 build, it was also cited as not being present on a clean installation of Windows 20H2. The question of whether this vulnerability is exclusive to versions that have gone through the upgrade process rather than been freshly installed remains unanswered.

In news relating to Microsoft security efforts that are going as intended, check out the company’stakedown of malicious homoglyphs.

Get the Windows Central Newsletter

Get the Windows Central Newsletter

All the latest news, reviews, and guides for Windows and Xbox diehards.

Robert Carnevale is the News Editor for Windows Central. He’s a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author ofCold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.