Microsoft Windows Server 2016
Moderate fix1 remedy
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*
Moderate fix1 remedy
Microsoft Windows Push Notifications Privilege Escalation Vulnerability
Vulnerability
A type confusion vulnerability has been identified in Windows Push Notifications, allowing an authorized attacker to elevate privileges locally. This vulnerability affects multiple Windows products and versions, including various Windows Server releases and different versions of Windows 10 and Windows 11. The root cause of the vulnerability is access to a resource using an incompatible type, leading to unauthorized privilege escalation.
Impact
Exploitation of this vulnerability allows an attacker to elevate privileges from a Low Integrity Level in a sandboxed environment to a Medium Integrity Level.
Remediation
Users can apply the security updates provided by Microsoft to address this vulnerability. These security updates are available through the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5063871, KB5063950, KB5063906, KB5063889, KB5063878, KB5063899, KB5063709, KB5063880, KB5063812, and KB5063877.
Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM
Vulnerability Rating
Custom Algorithm
spread
8.4impact
1.3exploitability
3.3remediation
7.7relevance
0.3threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.