How to Protect Yourself From the New Windows 10 and 11 Security Bug
A new security vulnerability has been discovered in recent versions of Windows that hackers can use to remotely install programs, steal data and passwords, and even block users from accessing their computers. Microsoft says it affects all versions of Windows newer than Windows 10, version 1809, including the Windows 11 beta.
According to a Microsoft bug report , the vulnerability stems from “overly permissive access control lists (ACLs) for multiple system files, including the Security Accounts Manager (SAM) database.” The bug has not been successfully exploited, but Microsoft’s report warns that such an attack is “likely” given the severity of the vulnerability. To carry out an attack, an attacker would need direct access to a person’s computer, either physically or by deception to download files with malware. Once a hacker gains access, he can give himself full administrative control and “install programs; view, change or delete data; or create new accounts with full user rights. “
Microsoft will supposedly fix the issue in future security updates for Windows 10 and 11, but until then, users should be careful. Practice good data protection, such as clicking on unknown email links or downloading files from sketchy websites, and using reliable anti-malware software.
There is also a workaround to restrict access to vulnerable system files on your PC. This will protect hackers, but it will make it difficult to recover files with System Restore, so it won’t work as a long-term solution. However, it is worth considering if you want to fully protect yourself from potential security breaches.
First, you need to restrict access to the system folder ” % windir% \ system32 \ config “.
- Use the taskbar to search for “PowerShell”. (Note: you can also follow these steps on the command line.)
- In the results, right-click “Windows PowerShell” and select “Run as administrator”.
- In PowerShell, enter the following command:
icacls %windir%\system32\config\*.* /inheritance:e
- Press Enter.
Then, you need to remove the system restore points. Be sure to do this after restricting access to % windir% \ system32 \ config .
- Right-click My Computer in Windows Explorer and select Properties.
- Click on “System Protection” in the left menu.
- Click to highlight your local hard drive in the Available Drives list, then click Configure.
- Click Remove, then Continue to confirm.
After deleting old backups, you can create a new system restore point if you want: go back to the “System Protection” tab, select the drive and click “Create”. Add a description for the restore point (for example, date and time), then click OK.
[ SlashGear ]