Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Windows Zero-day Flaw Giving Admin Rights Gets Unofficial Patch, Again

Windows Zero-day Flaw Giving Admin Rights Gets Unofficial Patch, Again

A Windows local privilege escalation zero-day vulnerability that Microsoft has failed to fully address for several months now, allows users to gain administrative privileges in Windows 10, Windows 11, and Windows Server.

The locally exploited vulnerability in Windows User Profile Service is tracked as CVE-2021-34484 and was given a CVSS v3 score of 7.8. While exploits have been publicly disclosed in the past, they are not believed to be actively exploited in the wild.

The peculiarity of this case lies in the fact that Microsoft has been unable to address the flaw since its discovery last summer and that it has marked the bug as fixed twice.

According to the 0patch team, which has been unofficially providing fixes for discontinued Windows versions and some vulnerabilities that Microsoft won’t address, the flaw is still a zero-day. In fact, Microsoft’s patches failed to fix the bug and broke 0patch’s previous unofficial patch.

Also Read: Ways to protect HR data and avoid penalties for data breaches

The LPE that won’t stay fixed

The Windows User Profile Service Elevation of Privilege Vulnerability, tracked as CVE-2021-34484, was discovered by security researcher Abdelhamid Naceri and disclosed to Microsoft, who fixed it as part of the August 2021 Patch Tuesday.

Soon after the fix was released, Naceri noticed that Microsoft’s patch was incomplete and presented a proof of concept (PoC) that bypassed it on all Windows versions.

CVE-2021-34484​​​​​​​ Exploit launching an elevated command prompt with SYSTEM privileges
CVE-2021-34484 Exploit launching an elevated command prompt with SYSTEM privileges
Source: BleepingComputer

The 0patch team stepped in at that point, releasing an unofficial security update for all Windows versions and making it free to download for all registered users.

Microsoft also responded to this bypass with a second security update released with the January 2022 Tuesday Patch Tuesday, giving the bypass a new tracking ID as CVE-2022-21919 and marking it as fixed. However, Naceri found a way to bypass that fix while commenting that this attempt was worse than the first.

While testing their patch against the researcher’s second bypass, 0patch found that their patch to the “profext.dll” DLL still protected users against the new exploitation method, allowing those systems to remain secure.

However, Microsoft’s second fixing attempt replaced the “profext.dll” file, leading to the removal of the unofficial fix from everyone who had applied the January 2022 Windows updates.

0patch has now ported the fix to work with the March 2022 Patch Tuesday updates and made it available for free to all registered users.

Also Read: Data Protection Act of Singapore: Validity in the Post-pandemic World

The Windows versions that can take advantage of the new micro-patch are the following:

  • Windows 10 v21H1 (32 & 64 bit) updated with March 2022 Updates
  • Windows 10 v20H2 (32 & 64 bit) updated with March 2022 Updates
  • Windows 10 v1909 (32 & 64 bit) updated with March 2022 Updates
  • Windows Server 2019 64 bit updated with March 2022 Updates

It should be noted that Windows 10 1803, Windows 10 1809, and Windows 10 2004 are still protected by 0patch’s original patch, as those devices have reached the end of support and did not receive the Microsoft update that replaced the DLL.

How to install the micro-patch

The micro-patch will remain available as a free download to users of the above Windows versions as long as Microsoft hasn’t released a complete fix for the particular LPE problem and all its bypasses.

To those interested in taking up that offering, update your Windows 10 to the latest patch level (March 2022), create a free account in 0patch Central, and then install and register the 0patch Agent from here.

Doing that will initiate an automated micro-patching process with no manual actions or reboots required for the chances to take effect on your system.

Bleeping Computer has contacted Microsoft to ask if it’s planning to revisit the particular flaw and maybe try and fix it via a security update in the future, and a spokesperson of the company has shared the following comment:

“We’re aware of this report and will take action as needed to protect customers.”



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us