Primary

Context

Microsoft Virtual Hard Drive Stack-Based Buffer Overflow Vulnerability Allowing Privilege Escalation

Vulnerability

A stack-based buffer overflow vulnerability has been identified in Microsoft Virtual Hard Drive. This vulnerability allows an authorized attacker to locally elevate privileges. The issue arises from improper handling of memory, which could be exploited to overwrite the stack and potentially execute arbitrary code with elevated rights.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing an attacker to gain SYSTEM privileges.

Remediation

Security updates addressing this vulnerability are available for multiple Windows versions. For Windows 10 (both x64-based and 32-bit systems), the security update is KB5055547. For Windows Server 2012 R2, the update is KB5055557. Windows Server 2016 users can apply KB5055521. Instructions for downloading these updates are available through the Microsoft Update Catalog.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Virtual Hard Drive Stack-Based Buffer Overflow Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating