Easy Zero-day privilege escalation exploit for Windows released because Microsoft is stingy

A security researcher has released a very simple privilege escalation exploit for all supported versions of Windows because Microsoft has been cutting the amount it has been awarding for bug bounties.

Abdelhamid Naceri told Bleeping Computer that he was frustrated over Microsoft’s decreasing payouts in their bug bounty program.

“Microsoft bounties has been trashed since April 2020, I really wouldn’t do that if MSFT didn’t take the decision to downgrade those bounties,” explained Naceri.

Other researchers agreed, saying:

https://twitter.com/MalwareTechBlog/status/1287848085243060224?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1287848085243060224%7Ctwgr%5E%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fmicrosoft%2Fnew-windows-zero-day-with-public-exploit-lets-you-become-an-admin%2F

Naceri’s exploit easily elevates a regular user to System privileges, as can be seen in BleepingComputer’s video below:

The hack was developed based on a Microsoft patch for an earlier exploit which Naceri said was incomplete.

“This variant was discovered during the analysis of CVE-2021-41379 patch. the bug was not fixed correctly, however, instead of dropping the bypass,” explains Naceri in his writeup. “I have chosen to actually drop this variant as it is more powerful than the original one.”

The ‘InstallerFileTakeOver’ exploit works on Windows 10, Windows 11, and Windows Server and can be chained with other exploits to fully take over a computer network.

Microsoft has yet to respond to the release.