Microsoft Desktop Window Manager Use-After-Free Vulnerability Allowing Local Code Execution

Vulnerability

A use-after-free vulnerability has been identified in the Desktop Window Manager (DWM), the Windows component (dwm.exe) that composes application windows onto the desktop. The flaw is a memory-safety error: DWM keeps using a pointer to an object after the memory holding that object has been freed. If the freed memory is reallocated to a different object before the stale pointer is dereferenced, DWM operates on attacker-influenced data, which is the primitive that can be turned into arbitrary code execution. The attack vector is local: the attacker must already be able to run code on the machine as an authorized user.

Impact

Exploitation of this vulnerability could allow an attacker who already has authorized local access to execute code in the context of the DWM process on the affected system. No remote or unauthenticated vector is described.

Reproduction

The trigger described for this issue is a program, run by an authorized local user, that creates a window and then deliberately stops processing its messages so that the window hangs. When an application window stops responding, Windows stands up a "ghost" window in its place, and the use-after-free concerns the GhostWindow object handled by the DWM process. No further details of the triggering sequence or of the memory layout needed for reliable exploitation are given here.
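The following C program is an added illustration of the bug class described in the Vulnerability and Reproduction sections above. It is not code from this advisory, from Microsoft or from DWM: the window pool, the ghost record and the hardened handle are constructed toy models, not DWM's internal data structures. It shows why a stale reference held by a ghost-style record is dangerous: once the window it referred to is destroyed and its slot is reused, the stale pointer silently aliases a different object, which is exactly the condition an attacker grooms toward code execution. The hardened variant stores a slot index plus a generation counter and re-validates on every access, so a reference that outlives its object is rejected instead of dereferenced.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy model of a window-object pool. It is NOT DWM's real data
 * structure; it only reproduces the allocator behaviour that makes a
 * use-after-free dangerous: a freed slot is handed out again to the next
 * caller, so a stale pointer silently refers to a different object. */
#define POOL_SLOTS 4

typedef struct {
    uint32_t id;          /* unique per creation */
    uint32_t generation;  /* bumped every time the slot is reused */
    char     title[16];
} WindowObj;

static WindowObj pool[POOL_SLOTS];
static bool      in_use[POOL_SLOTS];
static int       free_stack[POOL_SLOTS];  /* LIFO: most recently freed slot is reused first */
static int       free_top;
static uint32_t  next_id;

static void pool_init(void) {
    memset(pool, 0, sizeof pool);
    memset(in_use, 0, sizeof in_use);
    for (int i = 0; i < POOL_SLOTS; i++) free_stack[i] = i;
    free_top = POOL_SLOTS;
    next_id = 1;
}

static WindowObj *win_create(const char *title) {
    if (free_top == 0) return NULL;
    int slot = free_stack[--free_top];
    in_use[slot] = true;
    pool[slot].id = next_id++;
    pool[slot].generation++;
    snprintf(pool[slot].title, sizeof pool[slot].title, "%s", title);
    return &pool[slot];
}

static void win_destroy(WindowObj *w) {
    int slot = (int)(w - pool);
    in_use[slot] = false;
    memset(w->title, 0, sizeof w->title);
    free_stack[free_top++] = slot;
}

/* Vulnerable pattern: the ghost record keeps a raw pointer to the window it
 * stands in for, and nothing invalidates that pointer when the window dies. */
typedef struct { WindowObj *target; } GhostRaw;

static uint32_t ghost_raw_target_id(const GhostRaw *g) {
    return g->target->id;   /* dereferences whatever now lives in the slot */
}

/* Hardened pattern: the ghost stores a slot index plus the generation it
 * observed, and every access re-validates before touching the object. */
typedef struct { int slot; uint32_t generation; } GhostHandle;

static GhostHandle handle_from(const WindowObj *w) {
    GhostHandle h = { (int)(w - pool), w->generation };
    return h;
}

static WindowObj *handle_resolve(GhostHandle h) {
    if (h.slot < 0 || h.slot >= POOL_SLOTS) return NULL;
    if (!in_use[h.slot]) return NULL;
    if (pool[h.slot].generation != h.generation) return NULL;  /* slot was reused */
    return &pool[h.slot];
}

/* Vulnerable run: the hung window (id 1) is destroyed, a new window (id 2)
 * lands in the same slot, and the ghost reads id 2 through its stale pointer. */
uint32_t scenario_vulnerable(void) {
    pool_init();
    WindowObj *hung = win_create("hung app");
    GhostRaw ghost = { hung };
    win_destroy(hung);          /* the hung application's window goes away */
    win_create("other app");    /* unrelated window reuses the freed slot */
    return ghost_raw_target_id(&ghost);
}

/* Hardened run: returns 1 if a live handle resolves and the stale one is rejected. */
int scenario_hardened(void) {
    pool_init();
    WindowObj *hung = win_create("hung app");
    GhostHandle ghost = handle_from(hung);
    if (handle_resolve(ghost) != hung) return 0;   /* live handle must work */
    win_destroy(hung);
    win_create("other app");
    return handle_resolve(ghost) == NULL;          /* stale handle must fail */
}

int main(void) {
    printf("vulnerable ghost saw window id %u (the hung window was id 1)\n", scenario_vulnerable());
    printf("hardened ghost rejected stale handle: %s\n", scenario_hardened() ? "yes" : "no");
    return 0;
}
```

The toy allocator is deliberately LIFO so the reuse is deterministic; real heap allocators are less predictable, which is why exploitation of a bug like this involves heap grooming rather than the single reallocation shown here. The generation-counter handle is one standard mitigation for long-lived references to short-lived objects; reference counting that keeps the object alive while the ghost record exists is the other common fix.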

Remediation

Apply the security updates that Microsoft has published for the affected Windows versions. The updates can be obtained from the Microsoft Update Catalog or distributed through Windows Server Update Services (WSUS). These are cumulative updates, so a restart is required before the patched DWM binaries are in use; after rebooting, confirm that the update listed in Microsoft's advisory for the installed build appears in the installed-updates list before considering the host remediated.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 3.6
remediation: 0.0
relevance: 0.3
threat: 1.6
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these eight vulnerability categories, which are then combined into the overall risk score.