{"id":22115,"date":"2021-11-13T00:18:00","date_gmt":"2021-11-12T23:18:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=22115"},"modified":"2022-11-03T10:39:56","modified_gmt":"2022-11-03T09:39:56","slug":"0patch-fixt-lpe-schwachstelle-cve-2021-34484-in-windows-user-profile-service","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2021\/11\/13\/0patch-fixt-lpe-schwachstelle-cve-2021-34484-in-windows-user-profile-service\/","title":{"rendered":"0patch fixes LPE Vulnerability (CVE-2021-34484) in Windows User Profile Service"},"content":{"rendered":"

\"Windows\"[German<\/a>]There is an incompletely patched Local Privilege Escalation vulnerability (CVE-2021-34484) in the Windows User Profile Service. Although there has been an update for all Windows versions since August 2021, it does not fully patch the vulnerability. ACROS Security has therefore developed a free 0patch solution to mitigate this vulnerability.<\/p>\n

<\/p>\n

The LPE vulnerability (CVE-2021-34484)<\/h2>\n

\"\"In August 2021, Microsoft published security advisory CVE-2021-34484<\/a> on a vulnerability in Windows User Profile Service. This vulnerability allows Local Privilege Escalation (LPE). However, details of the vulnerability reported by Abdelhamid Naceri (halov) – works for Trend Micro Zero Day Initiative<\/a>Initiative – were not provided. At the same time, Microsoft has patched the vulnerabilities via the August 2021 Windows security updates.<\/p>\n

Security researcher Abdelhamid Naceri then looked into the matter after installing the security update and found that it did not fully close the LPE vulnerability. It was possible for him to bypass the security mechanism introduced by the Microsoft patch. Naceri points out the issue in the following tweet<\/a>.<\/p>\n

\"CVE-2021-34484<\/a><\/p>\n

He described some details on GitHub<\/a> and also provided a proof of concept (PoC<\/a>). I had reported about this issue in the blog post Local Privilege Escalation Vulnerability (0-day) in all Windows Versions<\/a>.<\/p>\n

The 0Patch solution for CVE-2021-34484<\/h2>\n

The team at ACROS Security, which has been providing the 0Patch solution for years, has analyzed the LPE vulnerability CVE-2021-34484 and provided a micropatch to render the vulnerability harmless. Mitja Kolsek drew attention to this free solution via Twitter<\/a>.<\/p>\n

\"0Patch<\/a><\/p>\n

More detail may be found in this blog post<\/a> from November 11, 2021 by 0patch. The 0patch micropatches are available for free for the following products:<\/p>\n