hfiref0x / UACME

Defeating Windows User Account Control
BSD 2-Clause "Simplified" License

Was method 34 patched? #144

Closed Signum21 closed 1 year ago

Signum21 commented 1 year ago

It doesn't seem to work. I don't get any error or UAC request. Defender is disabled.

I followed the instructions for compilation, method 69 works with UAC set to always notify.

My PC: Windows 10 Home 22H2 Build 19045.3031 64 Bit

hfiref0x commented 1 year ago

Does your system still have IE?

Signum21 commented 1 year ago

If by IE you mean Internet Explorer, no, I don't have it installed.

hfiref0x commented 1 year ago

I've tested it on 19044, full patch, it still works.

The reason it is failing for you is probably that you compiled the exe with invalid payload DLLs. The correct compilation is described here: https://github.com/hfiref0x/UACME/issues/120#issuecomment-1455237819

Signum21 commented 1 year ago

I followed that thread. Here are my steps:

1. Downloaded the latest release from GitHub.
2. Compiled in Release: Akatsuki (x64), Fubuki (x64), Fubuki (Win32), Naka (x64), Naka (Win32).
3. Copied to .\Naka\output\x64\Release and executed Naka64.exe on: Akatsuki64.dll, Fubuki64.dll, Kamikaze.msc.
4. Copied to .\Naka\output\Win32\Release and executed Naka32.exe on: Fubuki32.dll.
5. Copied to .\Naka\output\x64\Release: Fubuki32.cd, Fubuki32.key.
6. Executed Naka64.exe --stable (also tried using Naka32.exe to generate secret32.bin). Removed empty files from .\Akagi\bin.
7. Copied to \Akagi\bin: Akatsuki64.cd, Fubuki64.cd, Fubuki32.cd, Kamikaze.cd, secrets32.bin, secrets64.bin.
8. Compiled the entire project in Release x64.

Do you notice any wrong step? Is it possible they fixed it in 19045?

Edit: I tried using my compiled Akagi on a remote virtual machine with an old version of Windows (17763); it works, which means the compilation was correct. If my PC is not broken, the only thing that comes to mind is that they just fixed it in 19045.

hfiref0x commented 1 year ago

Ohh, I somehow misread your topic title "method 34" as "method 64" :) That is why I was asking about Internet Explorer.

It seems you are right and there was a silent fix for this.

Well, this patch (if there is a patch and this is not collateral damage from some unrelated changes) seems to have propagated to all supported Win10 versions, since I observe the same results on LTSC 19044.

It took them ~6 years to fix, better than never.

Signum21 commented 1 year ago

Thanks for verifying it.

hfiref0x commented 1 year ago

Btw, which KB fixed it? Was it the May 2023 update, KB5026361? Just to clarify the state of the fix for the readme.

Signum21 commented 1 year ago

I'm sorry, I have no idea and no way to verify it.

hfiref0x commented 1 year ago

Okay, nvm

DidierStevens commented 8 months ago

FYI: I looked into this very same issue too.

This stopped working after the Windows patches of January 2023. I have a VM that I update every month and preserve with a snapshot. After the updates of December 2022, method 34 still works; after the updates of January 2023, it no longer works.