Microsoft Windows Elevation of Privilege Vulnerability in Desktop Window Manager

A use-after-free vulnerability has been identified in the Desktop Window Manager, allowing an authorized attacker to locally elevate privileges. This vulnerability affects multiple Windows versions, including Windows 10, Windows 11, and Windows Server 2022. The issue arises from improper memory management, which can be exploited to gain higher system privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing an attacker to gain SYSTEM privileges.

Remediation

Users can apply the security updates provided by Microsoft to address this vulnerability. These security updates can be downloaded via the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5082200 for various Windows 10 versions, KB5082052 for Windows 11 Version 23H2, and KB5082142 for Windows Server 2022.