Windows PCs Vulnerable To RID Hijacking; Grants Full System Access To Attackers

Sebastian Castro, a security researcher, discovered an exploit of obtaining admin rights and boot persistence. This exploit is on Windows PCs, is easily executable, and is difficult to stop. Account security identifiers (SIDs) typically have a Relative Identifier (RID) code associated with them. They define the access level of the account and are easily manipulated. The manipulation can be executed from Windows XP to 10 and on Server 2003 to 2016. Microsoft has yet to release a statement or patch for this vulnerability. Luckily, it is not a widely known exploit yet, but users of Windows systems are advised to monitor their access accounts closely and investigate any accounts appearing suspicious.


Relevant URL(s): https://fossbytes.com/windows-pcs-vulnerable-to-rid-hijacking-grants-full-system-access-to-attackers/