Windows 10 Vulnerability Allows Any User to Become an Admin

As discovered by BleepingComputer, a massive security hole has been found in Windows 10 and Windows 11 that allows local account users to access sensitive account information of both local and administrator accounts. The issue extends to the point where local accounts can change the passwords of admin accounts, giving potential attackers full access to the PC.

The problem lies in the security rules Microsoft assigned to the Windows Registry and the Security Account Manager (SAM). Both, for some reason, have reduced restrictions that allow any local user to fully access the files without administrator privileges.

This is even more critical for the Security Account Manager, which holds all the account data, including passwords, of all users on the PC. Giving local users access to this private information can allow attackers to log into one of the administrator accounts for full control of the PC.

Luckily, you can't just access the Windows Registry files at your leisure: those files are always in use while Windows is running, so you can't view them directly.

But the workaround to this "problem" is to access the Windows Shadow Volume, which serves as a backup of the Windows Registry and SAM files.

Microsoft is aware of the matter and is tracking it as CVE-2021-36934. Until the hole is plugged with an official security patch, the company offers a complete workaround, which consists of restricting access to %windir%\system32\config and deleting any restore points or shadow volumes that were created before that point.
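The workaround described above, written out as an added PowerShell example (not code from the article). It audits whether BUILTIN\Users can read the hive files and lists existing shadow copies; with the `-Apply` switch, a name introduced for this example, it restricts access with `icacls` and deletes the system drive's shadow copies with `vssadmin`.

```powershell
# Added example: audit and apply the CVE-2021-36934 workaround on one machine.
# Run from an elevated prompt. The -Apply switch and variable names are this example's own.
param([switch]$Apply)

$configDir = Join-Path $env:windir 'System32\config'
$usersSid  = 'S-1-5-32-545'   # BUILTIN\Users, matched by SID so localized group names work

# 1. Audit: which hive files carry an allow ACE for BUILTIN\Users?
$exposed = foreach ($name in 'SAM', 'SYSTEM', 'SECURITY') {
    $path  = Join-Path $configDir $name
    $rules = (Get-Acl -LiteralPath $path).GetAccessRules(
                 $true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($rule in $rules) {
        if ($rule.IdentityReference.Value -eq $usersSid -and
            $rule.AccessControlType -eq 'Allow') {
            [pscustomobject]@{
                File      = $path
                Rights    = $rule.FileSystemRights
                Inherited = $rule.IsInherited
            }
        }
    }
}

# 2. Audit: shadow copies are point-in-time snapshots, so copies taken before
#    the permissions are fixed still contain hive files with the old ACLs.
$shadows = @(Get-CimInstance -ClassName Win32_ShadowCopy |
    Select-Object ID, InstallDate, VolumeName)

"Hive files readable by BUILTIN\Users: $(@($exposed).Count)"
$exposed | Format-Table -AutoSize
"Existing shadow copies: $($shadows.Count)"
$shadows | Format-Table -AutoSize

if (-not $Apply) { return }

# 3. Restrict access: re-enable ACL inheritance on the files in the config directory.
& icacls.exe (Join-Path $configDir '*.*') /inheritance:e

# 4. Delete shadow copies (and with them the restore points) on the system drive.
#    This removes the ability to roll back to those snapshots.
& vssadmin.exe delete shadows "/for=$env:SystemDrive" /quiet
```

Run it again without `-Apply` afterwards: both counts should be zero before a new restore point is created.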

Aaron Klotz
Contributing Writer

  • excalibur1814
    "a massive security hole "

    How big? I need the measurements asap.
  • kaalus
    As long as the current monopoly/duopoly in the desktop operating systems market exists, the atrocious quality of these systems will stay with us.
  • helper800
    kaalus said:
    As long as the current monopoly/duopoly in the desktop operating systems market exists, the atrocious quality of these systems will stay with us.
    Surely Windows could be better, but to call its quality "atrocious" is a bit much. If it were so easy to make something better, especially in the user experience department, someone would have made it and sold it as a product by now.
  • hotaru.hino
    kaalus said:
    As long as the current monopoly/duopoly in the desktop operating systems market exists, the atrocious quality of these systems will stay with us.
    Then come up with something better.
  • lyrx
    After 25 years of Windows, there's still a security issue? Wear a condom. Geezus. The tech people create the problems then want us to call them saviors if they solve a problem. I'm over it. San Jose thinks they have great people, but they are no match for China and Russia when it comes to cyber threats. The U.S. is full of snowflake programmers.
  • USAFRet
    lyrx said:
    After 25 years of Windows, there's still a security issue? Wear a condom. Geezus. The tech people create the problems then want us to call them saviors if they solve a problem. I'm over it. San Jose thinks they have great people, but they are no match for China and Russia when it comes to cyber threats. The U.S. is full of snowflake programmers.
    Name an OS without vulnerabilities.
  • tazmo8448
    The workaround that was mentioned in the article is vague at best on how to go about using it. All they mention is shadow copies, so what do we do, delete them all?
  • helper800
    lyrx said:
    After 25 years of Windows, there's still a security issue? Wear a condom. Geezus. The tech people create the problems then want us to call them saviors if they solve a problem. I'm over it. San Jose thinks they have great people, but they are no match for China and Russia when it comes to cyber threats. The U.S. is full of snowflake programmers.
    Ahh yes, the "you're a snowflake" remark transitioning directly to tribalism. Please continue, I would like to reference this in my oral arguments class, however, I need just a bit more material.
  • hotaru.hino
    lyrx said:
    After 25 years of Windows, there's still a security issue? Wear a condom. Geezus. The tech people create the problems then want us to call them saviors if they solve a problem. I'm over it. San Jose thinks they have great people, but they are no match for China and Russia when it comes to cyber threats. The U.S. is full of snowflake programmers.
    Name me a Chinese or Russian OS that has zero security issues.

    Also security doesn't stop at the developer. It continues all the way down to the end user. It doesn't matter how hardened someone makes their OS if the person at the end doesn't update with the latest security patches, clicks on random links from random people, and happily gives their login information to phishers.