Microsoft has shared a Windows 10 zero-day vulnerability (dubbed SeriousSAM) that can let attackers gain admin rights on vulnerable systems and execute arbitrary code with SYSTEM privileges. Microsoft recommends restricting access to the problematic folder AND deleting Volume Shadow Copy Service (VSS) shadow copies to mitigate this issue. Microsoft is still investigating the vulnerability and is working on a patch that will most likely be released as an out-of-band security update later this week. Security researcher Jonas Lykkegaard also found that Windows 11 (Microsoft’s not officially released OS) is also impacted.
Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-workaround-for-windows-10-serioussam-vulnerability/