Volerion logoVolerion
Volerion logoVolerion

Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability

Vulnerability

A type confusion vulnerability has been identified in the Windows Ancillary Function Driver for WinSock. This vulnerability allows an authorized attacker to elevate privileges locally. It affects multiple Windows products, including various versions of Windows 10, Windows 11, Windows Server 2012, Windows Server 2016, Windows Server 2019, Windows Server 2022, and Windows Server 2025.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing an attacker to gain SYSTEM privileges.

Remediation

Users can apply the security update for this vulnerability, which is included in the May 2026 security update rollup. Instructions for downloading this update are available on the Microsoft Update Catalog.

Added: May 12, 2026, 9:15 PM
Updated: May 12, 2026, 9:15 PM

Vulnerability Rating

Custom Algorithm
spread
8.4
impact
7.5
exploitability
3.3
remediation
7.7
relevance
8.1
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.