Microsoft Windows TWINUI Subsystem Privilege Escalation Vulnerability

A race condition vulnerability has been identified in the Tablet Windows User Interface (TWINUI) Subsystem, allowing an authorized attacker to locally elevate privileges. This vulnerability arises from improper synchronization in concurrent execution using shared resources.

Impact

Exploitation of this vulnerability could allow an attacker to elevate privileges from a Low Integrity Level in a sandboxed environment to a Medium Integrity Level.

Remediation

Users can apply the security update KB5073722 for Windows 10 Version 22H2 (32-bit and x64-based Systems), Windows 10 Version 21H2 (32-bit and x64-based Systems), Windows 11 Versions 23H2 and 24H2 (for both x64-based and ARM64-based Systems), and various Windows Server versions. Security Update KB5073450 is available for Windows Server 2022 (Server Core installation) and Windows Server 2022, 23H2 Edition (Server Core installation). For Windows Server 2019 (Server Core installation) and Windows Server 2019, Security Update KB5073723 can be downloaded. Windows Server 2025 (Server Core installation) also has a corresponding security update. Instructions for downloading these security updates are available on the Microsoft Update Catalog.