• Windows 10: Security broken after Upgrade – SAM accessible by users

    Home » Forums » AskWoody support » Windows » Windows 10 » Windows 10-other » Windows 10: Security broken after Upgrade – SAM accessible by users

    Tags:

    Author
    Topic
    gborn
    AskWoody_MVP
    July 20, 2021 at 5:31 am #2378944

    The newest nightmare in security. If you run Windows 10 from 1809 and above, it’s likely, that the SAM database is accessible after an upgrade to a higher Windows 10 version. Every user has a read access right and may dump the password base of Windows users. Windows 11 is also affected. I have compiled first details at:

    Windows 10 upgrade breaks SAM access rights from 1809 upward, user access possible

    Ex Microsoft Windows (Insider) MVP, Microsoft Answers Community Moderator, Blogger, Book author

    https://www.borncity.com/win/

    6 users thanked author for this post.
    Microfix, doriel, Susan Bradley, Alex5723, EricB, Fred
    Reply | Quote
    Viewing 1 reply thread
    Author
    Replies
    • Susan Bradley
      Manager
      July 20, 2021 at 11:20 am #2378990

      I think this is more of a oh #$@% for businesses not consumers but it’s still extremely concerning that this stuff is missed.

      Susan Bradley Patch Lady/Prudent patcher

      Reply | Quote
    • doriel
      AskWoody Lounger
      July 21, 2021 at 8:39 am #2379208

      I have no RX flag for my SAM database. Does it mean we are safe? 🙂

      noRX

      By the way, I wouldn’t panic, it is what it is. Applying workarounds to change ACLs yourself can break things, and it’s very likely that it’s been that way for years anyway. Eventually, MS will patch this.

      Im OK, no panic here 😉

      Were on build 17763 (1809) and 19042 (20H2), mix of those two bilds.

      Dell Latitude 3420, Intel Core i7 @ 2.8 GHz, 16GB RAM, W10 22H2 Enterprise

      HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

      PRUSA i3 MK3S+

      • This reply was modified 3 years, 9 months ago by doriel.
      • This reply was modified 3 years, 9 months ago by doriel. Reason: WINVER
      Reply | Quote
    Viewing 1 reply thread
    Reply To: Windows 10: Security broken after Upgrade – SAM accessible by users

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.