Windows has a critical, zero-day flaw and the worst part is that Microsoft has known about it for seven months and can’t seem to fix it.
The exploit in question impacts Windows 10, Windows 11, and Windows Server, allowing a user to gain administrative privileges, according to BleepingComputer. Microsoft has already released two separate patches to address the issue, but neither of them has successfully fixed it.
To make matters even worse, Microsoft’s latest effort to fix the vulnerability actually broke an unofficial patch that did fix it. 0patch (Zero Patch) is an independent security organization that provides patches for issues Microsoft cant/won’t fix, as well as older, end-of-life versions of Windows that Microsoft no longer supports. 0patch had successfully patched the fix, but now Microsoft’s patch has broke it.
When BleepingComputer asked Microsoft for info on their future plans to fix the issue, they received this response:
“We’re aware of this report and will take action as needed to protect customers.”
0patch has once again issued a fix that actually works, leading some to wonder why Microsoft can’t seem to do that with a product they made in the first place.