Microsoft Windows Server 2012
Moderate fix2 remedies
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*
Moderate fix2 remedies
Microsoft Windows QoS Scheduler Privilege Escalation Vulnerability
Vulnerability
A time-of-check time-of-use (TOCTOU) race condition vulnerability has been identified in the Microsoft Windows Quality of Service (QoS) scheduler. This vulnerability allows an authorized attacker to locally elevate privileges. The issue arises from a race condition, where the timing of events can be manipulated to create unintended consequences, potentially leading to unauthorized access or control.
Impact
Exploitation of this vulnerability could allow an attacker to gain SYSTEM privileges.
Remediation
Users can apply the security update KB5062552 for Windows 11, KB5062554 for Windows 10, and various KBs for different Windows Server versions. These security updates are available through the Microsoft Update Catalog.
Added: Jul 8, 2025, 6:42 PM
Updated: Jul 8, 2025, 6:42 PM
Vulnerability Rating
Custom Algorithm
spread
8.4impact
7.5exploitability
2.9remediation
7.7relevance
0.2threat
0.1urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.