A security researcher has released a very simple privilege escalation exploit for all supported versions of Windows because Microsoft has been cutting the amount it has been awarding for bug bounties.
Abdelhamid Naceri told Bleeping Computer that he was frustrated over Microsoft’s decreasing payouts in their bug bounty program.
“Microsoft bounties has been trashed since April 2020, I really wouldn’t do that if MSFT didn’t take the decision to downgrade those bounties,” explained Naceri.
Other researchers agreed, saying:
Under Microsoft's new bug bounty program one of my zerodays has gone from being worth $10,000 to $1,000 ?
— MalwareTech (@MalwareTechBlog) July 27, 2020
Naceri’s exploit easily elevates a regular user to System privileges, as can be seen in BleepingComputer’s video below:
The hack was developed based on a Microsoft patch for an earlier exploit which Naceri said was incomplete.
“This variant was discovered during the analysis of CVE-2021-41379 patch. the bug was not fixed correctly, however, instead of dropping the bypass,” explains Naceri in his writeup. “I have chosen to actually drop this variant as it is more powerful than the original one.”
The ‘InstallerFileTakeOver’ exploit works on Windows 10, Windows 11, and Windows Server and can be chained with other exploits to fully take over a computer network.
Microsoft has yet to respond to the release.