Microsoft Windows Speech Brokered API Privilege Escalation Vulnerability

A use-after-free vulnerability has been identified in the Windows Speech Brokered API, allowing an authorized attacker to locally elevate privileges. This vulnerability arises from improper memory management, creating opportunities for privilege escalation.

Impact

Exploitation of this vulnerability could lead to unauthorized administrative privileges.

Remediation

Users can apply the security update for this vulnerability through the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles KB5082200 for various Windows 10 versions, KB5082142 for Windows Server 2022, KB5082123 for Windows Server 2019, KB5082198 for Windows Server 2016, and KB5082063 for Windows Server 2025. For Windows 11, the relevant update is KB5083768 for both x64 and ARM64-based systems, as well as KB5082052 for the 23H2 version. Users should consult the Microsoft Support Lifecycle for guidance on their software's support status.