Skip to main content

HiveNightmare is a nasty new Windows bug. Here’s how to protect yourself

A new bug called ‘HiveNightmare’ reportedly lets anyone with local or remote access to your PC take it over. This is a fairly new and serious flaw in the latest versions of Windows 10, as well as in Windows 11, which is still being tested in the Windows Insiders program.

Using malware, the hacker can gain complete access to your PC without needing an administrative password. The bug originates from an alleged change in the recent versions of Windows 10 and 11 that grants unauthorized users the privilege to access the Security Account Manager (SAM). The SAM is a database that contains both usernames and passwords for local accounts on the operating system.

Unauthorized users can access a backed-up version of the SAM in a shadow copy that Windows systems create. A shadow copy is a backup, hidden on the main drive, of a Windows system’s most important files. Your system creates a shadow copy each time it installs a system update or upgrade. So, malware that gets onto a PC via a dodgy-looking email, phishing software, or a malicious web link would be able to locate the SAM file in the shadow copy. Consequently, the user’s password hashes are easily accessible and a hacker will most probably be able to crack the hashes and take over the user’s PC.

Microsoft has already looked into the issue and has warned its users. The company provided a statement to Toms Guide, saying, “An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

Microsoft promises future “mitigations and workarounds” as its investigation progresses.

Along with promising workarounds, the company has suggested a few ways to keep your PC safe right now. These ways include restricting access to the file directory to the SAM, or deleting your shadow copy of Windows. However, the second way could be a pain if you ever need to restore Windows.

Other preemptive measures that you can take include avoiding spammy emails, installing a reliable antivirus, and restricting physical access to your PC by people you don’t trust.

Editors' Recommendations

Dua Rashid
Former Digital Trends Contributor
Dua is a media studies graduate student at The New School. She has been hooked on technology since she was a kid and used to…
A new Windows 11 hardware system requirement may be incoming
A man sits, using a laptop running the Windows 11 operating system.

Microsoft appears to finally be putting its foot down on how far back it's willing to go when it comes to supporting older hardware. As of the upcoming Windows 11 24H2 build, Microsoft will require that your processor supports the POPCNT instruction. If you're wondering what that is and whether this will affect you, you're not alone.

This new addition was spotted by Bob Pony on X (formerly Twitter). According to the user, if the CPU doesn't support the POPCNT instruction or it's disabled, Windows won't work at all. Multiple system files now require this instruction, starting with the Windows 11 kernel. Long story short -- no POPCNT, no Windows 11 24H2.

Read more
How to start Windows 11 in Safe Mode
Windows 11 on a tablet.

If your Windows 11 PC is having issues, one way to troubleshoot those issues is start your PC in Safe Mode. Safe Mode is essentially a very basic version of Windows 11, without all the bells and whistles and only a restricted set of features, drivers, and files. This mode essentially lets you take a look at your computer and helps you figure out exactly what issue is plaguing your PC.

But booting into Safe Mode on Windows 11 isn't as easy as just pressing a single button. You'll need to navigate through a series of menus first and the method for getting there depends on your PC specific situation (Is your PC still working or is it just a blank or black screen?).

Read more
How to remove a Microsoft account from Windows 11
Windows 11 updates are moving to once a year.

While many people love porting their Microsoft account to their new Windows 11 PC, just as many hate the experience. One of the nicest things about having a new computer is how little tabs it has over you, and letting Microsoft in from the beginning — especially in a way that feels required — is a bit letdown for privacy-minded people.

To make matters worse, getting rid of your account feels tricky. It not only feels like it, Microsoft is your direct antagonist in getting the privacy you want. Luckily, you can make a local account that is disconnected from the rest of your life to gain back the personal feel of your computer. Here's how:
Removing a Microsoft account from Windows 11

Read more