Microsoft Windows Installer Elevation of Privilege Vulnerability

An elevation of privilege vulnerability has been identified in the Windows Installer. This vulnerability allows an attacker to gain SYSTEM privileges. It affects multiple Windows versions, including Windows 11, Windows 10 (various architectures), Windows Server 2022, Windows Server 2019, and Windows Server 2012 R2. The vulnerability arises from improper link resolution before file access, allowing for unauthorized privilege escalation.

Impact

Exploitation of this vulnerability could lead to unauthorized elevation of privileges, allowing an attacker to gain SYSTEM rights.

Remediation

Users can apply the security updates provided by Microsoft to address this vulnerability. These security updates are available through the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5051989, KB5051974, KB5052000, KB5052042, and KB5052020.