Skip to main content
  1. Home
  2. Computing

HiveNightmare is a nasty new Windows bug. Here’s how to protect yourself

Dua Rashid
By

A new bug called ‘HiveNightmare’ reportedly lets anyone with local or remote access to your PC take it over. This is a fairly new and serious flaw in the latest versions of Windows 10, as well as in Windows 11, which is still being tested in the Windows Insiders program.

Using malware, the hacker can gain complete access to your PC without needing an administrative password. The bug originates from an alleged change in the recent versions of Windows 10 and 11 that grants unauthorized users the privilege to access the Security Account Manager (SAM). The SAM is a database that contains both usernames and passwords for local accounts on the operating system.

Unauthorized users can access a backed-up version of the SAM in a shadow copy that Windows systems create. A shadow copy is a backup, hidden on the main drive, of a Windows system’s most important files. Your system creates a shadow copy each time it installs a system update or upgrade. So, malware that gets onto a PC via a dodgy-looking email, phishing software, or a malicious web link would be able to locate the SAM file in the shadow copy. Consequently, the user’s password hashes are easily accessible and a hacker will most probably be able to crack the hashes and take over the user’s PC.

Related

Microsoft has already looked into the issue and has warned its users. The company provided a statement to Toms Guide, saying, “An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

Microsoft promises future “mitigations and workarounds” as its investigation progresses.

Along with promising workarounds, the company has suggested a few ways to keep your PC safe right now. These ways include restricting access to the file directory to the SAM, or deleting your shadow copy of Windows. However, the second way could be a pain if you ever need to restore Windows.

Other preemptive measures that you can take include avoiding spammy emails, installing a reliable antivirus, and restricting physical access to your PC by people you don’t trust.

Editors' Recommendations

Topics
If you use PayPal, your personal data may have been compromised
A person holds a mobile phone with the PayPal app open.
How to fix audio issues in macOS
Apple MacBook Gold 2015 speaker grill
The best password managers for 2023
have i been pwned owner uncovers 13 million plaintext passwords leaked from free webhost is a safe password even possible we
Microsoft just scored a big win with Apple
Apple TV preview for the Microsoft App Store.
Dell Laptop Deals: Save on XPS 13, XPS 15, XPS 17 and more
dell xps 13 9310 specs price release date 02
How to sync your Outlook calendar with an iPhone
How to sync Outlook with an iPhone.
Best gaming laptop deals: Save on Alienware, Asus and more
intel 11th gen h series 230 fps teaser video gaming laptops
Best Alienware Deals: Save on gaming laptops, PCs and monitors
Alienware Aurora R12 gaming desktop displayed in front of a fantasy castle scene from a video game.
This huge password manager exploit may never get fixed
A large monitor displaying a security hacking breach warning.
Best 17-inch Laptop Deals: Get a large laptop for $330
Dell XPS 17 front view showing display and keyboard.
Apple Mac mini M2 buying guide: don’t make this mistake
The M1-powered Mac Mini.
Best Chromebook deals: Get a new laptop from $114
Woman sits at desk using a HP 11.6-inch Chromebook.
Tested: Is Discord really slowing down Nvidia GPUs?
Discord logo illustration