A persistent zero-day privilege-escalation bug in Windows 10 finally has a working unofficial fix. Microsoft has released two official patches for it, and each was bypassed soon after it shipped. Once again, 0patch has stepped in with a micropatch where Microsoft's own fixes have fallen short.
First identified in the summer of 2021 by security researcher Abdelhamid Naceri, the vulnerability (tracked as CVE-2021-34484) lets an attacker who already has a foothold on a machine elevate their privileges, provided they also know the username and password of a second user account on that machine. That requirement makes it harder to exploit than a pure local privilege escalation, but the exposed installed base is very large: Windows 10, Windows 11 and Windows Server are all affected.
In August of the same year, Microsoft shipped a fix for the vulnerability, rated CVSS 7.8, as part of its Patch Tuesday release. Naceri examined the fix, found it lacking, and published a proof-of-concept bypass on GitHub. According to Naceri, Microsoft had not addressed the root cause of the vulnerability, and had instead fixed only what he considered a symptom.
Following Naceri's findings, 0patch released a micropatch for the vulnerability. When Microsoft realised its patch had been bypassed, it assigned the bypass a new identifier, CVE-2022-21919, and pushed a second fix. In Naceri's opinion that second fix was worse than the first, and because it replaced the vulnerable component, the existing 0patch micropatch no longer applied, effectively undoing the protection 0patch had provided.
Now 0patch has ported its micropatch to Microsoft's March 2022 Patch Tuesday release, where it has been confirmed to work. As with the previous micropatch, it is free, provided the affected Windows machine is registered with 0patch. It is available for the following versions, each with the March 2022 updates installed:
- Windows 10 v21H1 (32 & 64 bit)
- Windows 10 v20H2 (32 & 64 bit)
- Windows 10 v1909 (32 & 64 bit)
- Windows Server 2019 64 bit
Note that Windows versions that have reached end of life did not receive the March 2022 update, so the ported micropatch does not apply to them.
The original 0patch micropatch still applies on three older versions of Windows 10: 1803, 1809 and 2004. So far there is no evidence of the vulnerability being exploited in the wild, and no malware has been confirmed to use it. If you would like to explore Windows 11's updates in more depth, see our article on the subject.