Important Notice: On February 29th, this community was put into read-only mode. All existing posts will remain but customers are unable to add new posts or comment on existing. Please feel to join our Community Discord for any questions and discussions.

SeriousSAM Mitigation

Robertson, Mike

Updated July 28, 2021 18:02

Thanks to Brock & Joran for their info on how to scan for and mitigate the issue with SeriousSAM, I was able to quickly deal with the situation in our environment. I am curious about what others have observed regarding this. In my environment, there are around 260 machines currently active. Out of those, 42 of the machines do not appear to have the vulnerability, ie the permissions on the system32 folder were already correct. These 42 machines are mostly Windows 10 21H1 builds with a smattering of 20h2 and a 1909 or two. Just wondering if anyone else is seeing machines that dont appear to be affected by the vulnerability and if anyone has any insight on why this would be so?

0

Comments

2 comments

Andrew M.
July 28, 2021 18:07 (Edited July 28, 2021 18:10)

Can you link to the mitigation info you're referring to?

0
Robertson, Mike
July 28, 2021 18:09

SeriousSAM - Vulnerability Exposes Registry Data Files To Low Privileged Users | PDQ.com

1