Boneheaded recent change to Windows just makes it too easy

There’s a new and very serious flaw in recent versions of Windows 10 and Windows 11 that could let any local user without an administrative password, including malware installed by other means, take full control of the PC. No fix from Microsoft is available yet.

This vulnerability stems from an apparent change in recent versions of Windows 10 that permits even unprivileged users to be able to read the Security Account Manager (SAM), SYSTEM and SECURITY files in the Windows Registry, reported security researcher Jonas Lykkegaard on Twitter yesterday (July 19). 
…
Read more