Microsoft Windows 10 and Windows 11 users are urged to be on high alert after reports of a botched security update that failed to handle the threat. The flaw had already been caught earlier this year but the fix Microsoft installed worsened the problem, according to Forbes, leaving a security hole in all major Windows versions.

Forbes said that the vulnerability has already been exploited by hackers: "During our investigation, we looked at recent malware samples and were able to identify several that were already attempting to leverage the exploit," Cisco Talos' Head of Outreach Nick Biasini told Bleeping Computer.

"Since the volume is low, this is likely people working with the proof of concept code or testing for future campaigns. This is just more evidence on how quickly adversaries work to weaponize a publicly available exploit."

Security researcher Abdelhamid Naceri publicly disclosed the vulnerability. He said that it bypasses the previous flaw, named CVE-2021-41379, which Microsoft thought it had patched in November. Forbes reports that it "enables a hacker to elevate privileges allowing them to take over a computer and spread their attacks across the victim’s network."

According to Bleeping Computer, when exploited, the vulnerability gives the attacker system privileges on all up-to-date devices running the latest Windows releases.

These are the highest user rights available on Windows

-It makes it possible for the attacker to perform any operating system command.
-Experts have warned that a Microsoft update may be the only fix to this new flaw.
-"The best workaround available at the time of writing this is to wait for Microsoft to release a security patch, due to the complexity of this vulnerability," explained Naceri.
-"Any attempt to patch the binary directly will break windows installer. So you better wait and see how Microsoft will screw the patch again."

MICROSOFT WORKING ON FIX

Microsoft has said it is aware of the vulnerability and is working to protect users. “We are aware of the disclosure and will do what is necessary to keep our customers safe and protected," the company said in a statement to Bleeping Computer. "An attacker using the methods described must already have access and the ability to run code on a target victim's machine." Security platform 0patch is said to be working on a stop-gap fix to give Microsoft more time to solve the problem.