Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability

A use-after-free vulnerability has been identified in the Windows Cloud Files Mini Filter Driver. This vulnerability allows an authorized attacker to locally elevate privileges. The issue arises from improper memory management, which can be exploited to gain higher-level access rights.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing an attacker to gain SYSTEM privileges.

Remediation

Users can apply the security update for their specific Windows version. Security Update KB5071546 is available for Windows 10 versions 21H2 and 22H2, as well as for Windows 10 Version 1809. For Windows Server 2019 and 2022, the security update KB5071544 is recommended. Windows 11 users can download the security update KB5072033. Instructions for downloading these security updates are available on the Microsoft Update Catalog.