Microsoft Local Security Authority Server Privilege Escalation Vulnerability

A use-after-free vulnerability has been identified in the Microsoft Local Security Authority Server (lsasrv), allowing an authorized attacker to elevate privileges locally. This vulnerability affects several versions of Windows Server and Windows 10, as well as Windows 11. The issue arises from improper memory management, which can be exploited to gain higher privileges, potentially leading to SYSTEM access.

Impact

Exploitation of this vulnerability could allow an attacker to gain elevated privileges, with access rights equivalent to the SYSTEM account.

Remediation

Users can apply the security updates provided by Microsoft to address this vulnerability. These security updates are available through the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5053594, KB5053602, KB5053886, KB5053887, KB5053620, KB5053627, KB5053888, KB5053598, KB5053599, and KB5053606.