Microsoft is looking into a serious flaw that could allow hackers to take over your computer.
Hackers could use a new Security Bug in the latest versions of Windows to remotely install programs, steal data and passwords, and even lock users out of their computers. All versions of Windows newer than Windows 10 version 1809 are affected, according to Microsoft, including the Windows 11 beta.
The vulnerability is caused by “overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database,” according to Microsoft’s bug report. Although the bug has not been successfully exploited, Microsoft warns that given the severity of the vulnerability, such an attack is “likely.” An attacker would need direct access to a person’s computer to carry out an attack—either physically or by tricking them into downloading malware-laden files. Once a hacker has full administrator access, they can “install programs,” “view, change, or delete data,” and “create new accounts with full user rights.”
First, you need to restrict access to the “%windir%\system32\config” system folder.
- Use the taskbar to search for “PowerShell.” (Note: You can also perform these steps in Command Prompt.)
- Right-click “Windows PowerShell” from the results and click “Run as an administrator.”
- In PowerShell, type the following command:
icacls %windir%\system32\config\*.* /inheritance:e
- Press “Enter.”
Next, you need to delete your System Restore points. Make sure to do this after you restrict access to %windir%\system32\config.
- Right-click “My PC” from the Windows File Explorer and select “Properties.”
- Click “System Protection” from the left-hand menu.
- Click to highlight your local hard drive in the “Available drives” list, then click “Configure.”
- Click “Delete,” then “Continue” to confirm.
If you want, you can create a new System Restore point after the old backups have been deleted: Return to the System Protection tab, select your drive, and then press “Create.” Click “Okay” after adding a description for the restore point (such as the date and time).