Free Unofficial Patch for Zero-Day Bug in Windows

During the late August Patch Tuesday, Microsoft incompletely patched a zero-day bug tracked as CVE-2021-34484. The company only fixed the impact of the proof-of-concept (PoC). Security researcher Abdelhamid Naceri had reported the issue earlier. The incompletely patched bug affects all Windows versions, including Windows 10, Windows 11, and Windows Server 2022. It lies in the Windows User Profile Service and allows potential attackers to gain SYSTEM privileges under certain conditions.

Microsoft incompletely fixed the bug during last August's Patch Tuesday

Abdelhamid Naceri recently discovered that attackers could still bypass the Microsoft patch and gain SYSTEM privileges under certain conditions, obtaining an elevated command prompt while the User Account Control (UAC) prompt is displayed. CERT/CC vulnerability analyst Will Dormann then tested the CVE-2021-34484 bypass PoC exploit and found that it did not always create the elevated command prompt.

However, security specialists point out that the bug is unlikely to be exploited, as it requires attackers to know and log in with other users' credentials. Microsoft acknowledged the problem and "will take appropriate action to keep customers protected." While the company works on a fix, the 0patch micropatching service on Thursday released a free unofficial patch (also known as a micropatch).

“While this vulnerability already has its CVE ID (CVE-2021-33742), we’re considering it to be without an official vendor fix and therefore a 0day,” 0patch co-founder Mitja Kolsek says. “Micropatches for this vulnerability will be free until Microsoft has issued an official fix.”

To use the free patch, first register a 0patch account and then install the 0patch agent. Once the installation completes, the micropatch is applied automatically (unless a custom enterprise patching policy blocks it). No reboot of the device is needed.

Windows users can get the free unofficial fix

The users of the following Windows versions can apply this free patch to block attacks using the CVE-2021-34484 bypass:

  • Windows Server 2016 64 bit updated with November 2021 Updates;
  • Windows Server 2019 64 bit updated with October or November 2021 Updates;
  • Windows 10 v1809 (32 & 64 bit) updated with May 2021 Updates;
  • Windows 10 v1903 (32 & 64 bit) updated with October or November 2021 Updates;
  • Windows 10 v1909 (32 & 64 bit) updated with October or November 2021 Updates;
  • Windows 10 v2004 (32 & 64 bit) updated with October or November 2021 Updates;
  • Windows 10 v20H2 (32 & 64 bit) updated with October or November 2021 Updates;
  • Windows 10 v21H1 (32 & 64 bit) updated with October or November 2021 Updates.

Separately, Google recently released an emergency update for the Chrome browser after security specialists found two actively exploited zero-day vulnerabilities. Identified as CVE-2021-38000 and CVE-2021-38003, they involve an inappropriate implementation in the V8 JavaScript and WebAssembly engine and insufficient validation of untrusted input in a feature called Intents.

Andrew Nail

Cybersecurity journalist from Montreal, Canada. Studied communication sciences at Universite de Montreal. I was not sure if a journalist job is what I want to do in my life, but in conjunction with technical sciences, it is exactly what I like to do. My job is to catch the most current trends in the cybersecurity world and help people to deal with malware they have on their PCs.
