Skip to main content
  1. Home
  2. Computing

HiveNightmare is a nasty new Windows bug. Here’s how to protect yourself

By

A new bug called ‘HiveNightmare’ reportedly lets anyone with local or remote access to your PC take it over. This is a fairly new and serious flaw in the latest versions of Windows 10, as well as in Windows 11, which is still being tested in the Windows Insiders program.

Using malware, the hacker can gain complete access to your PC without needing an administrative password. The bug originates from an alleged change in the recent versions of Windows 10 and 11 that grants unauthorized users the privilege to access the Security Account Manager (SAM). The SAM is a database that contains both usernames and passwords for local accounts on the operating system.

Recommended Videos

Unauthorized users can access a backed-up version of the SAM in a shadow copy that Windows systems create. A shadow copy is a backup, hidden on the main drive, of a Windows system’s most important files. Your system creates a shadow copy each time it installs a system update or upgrade. So, malware that gets onto a PC via a dodgy-looking email, phishing software, or a malicious web link would be able to locate the SAM file in the shadow copy. Consequently, the user’s password hashes are easily accessible and a hacker will most probably be able to crack the hashes and take over the user’s PC.

Related: 
Best new movies to stream on Netflix, Hulu, Prime Video, Max (HBO), and more

Microsoft has already looked into the issue and has warned its users. The company provided a statement to Toms Guide, saying, “An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

Microsoft promises future “mitigations and workarounds” as its investigation progresses.

Along with promising workarounds, the company has suggested a few ways to keep your PC safe right now. These ways include restricting access to the file directory to the SAM, or deleting your shadow copy of Windows. However, the second way could be a pain if you ever need to restore Windows.

Other preemptive measures that you can take include avoiding spammy emails, installing a reliable antivirus, and restricting physical access to your PC by people you don’t trust.

Dua Rashid
Dua Rashid
Former Computing Writer
Dua is a media studies graduate student at The New School. She has been hooked on technology since she was a kid and used to…
Topics

Editors’ Recommendations

Windows 10 KB5051974 update adds a new app without asking
A Dell laptop with Windows 10 sitting on a desk.

Microsoft has released the KB5051974 cumulative update for versions 22H2 and 21H2, adding security fixes and patching a memory leak. However, as Bleeping Computer reports, the update also includes a surprise: the new Outlook for Windows app.

The update is mandatory because it includes the January 2025 Patch Tuesday security updates. Once you install it, you will notice the new app icon near the classic one in the Start Menu's apps section. Since the new app can operate concurrently, you don't have to worry about interfering with the old one.

Read more
Microsoft is cracking down on unsupported Windows 11 installs
A Dell laptop with Windows 10 sitting on a desk.

A support document showing users how to install Windows 11 on unsupported PCs was deleted sometime in the past two months. Its disappearance, noticed by Neowin, echoes Microsoft's recent "year of the Windows 11 PC refresh" rhetoric, encouraging (or forcing) users to buy new PCs that meet Windows 11 hardware requirements.

When Windows 11 launched in 2021, Microsoft announced that it was adding TPM 2.0 as a hardware requirement -- a move that was met with plenty of resistance. To soften the blow, Microsoft also published a support document detailing how users could edit their registry key values to bypass the TPM 2.0 check.

Read more
Microsoft is axing support for its own apps on Windows 10
The Surface Laptop 7 on a table in front of a window.

Microsoft has announced that support for Microsoft 365 apps on Windows 10 will end this year on October 14, as reported by The Verge. This is also the end-of-support date for Windows 10 as a whole, but the move is still a little surprising considering that Microsoft is now offering the Windows 10 Extended Security Updates (ESU) Program.

Anyone who joins this program for $30 can continue to safely use Windows 10 for a whole extra year -- so you might think that Microsoft would let them continue to use the Office apps too. That said, it's not like the apps will disappear, they just won't receive any more updates. According to Microsoft, this could cause "performance and reliability issues over time" but whether these issues will pop up within the ESU program's duration or not is anyone's guess.

Read more