Microsoft Desktop Windows Manager Privilege Escalation Vulnerability

A use-after-free vulnerability in Desktop Windows Manager has been identified, allowing an authorized attacker to locally elevate privileges. This vulnerability could enable the attacker to gain unauthorized access to system resources and perform actions with the same privileges as the compromised process, potentially leading to further system compromise and unauthorized actions within the network.

Impact

Exploitation of this vulnerability could allow an attacker to gain elevated privileges, enabling unauthorized access to system resources and the ability to perform actions with elevated rights, which could lead to further system compromise.

Remediation

Users can apply the security updates provided by Microsoft to address this vulnerability. These security updates can be downloaded via the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5063875, KB5063880, KB5063871, KB5063709, KB5063877, and KB5063906.