Microsoft Windows Hotpatch Monitoring Service Privilege Escalation Vulnerability

Vulnerability

An out-of-bounds write vulnerability has been identified in the Windows Hotpatch Monitoring Service. The flaw allows an authorized attacker to elevate privileges locally. It affects multiple Windows 11 versions and Windows Server 2025, across various build numbers.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing an attacker to gain SYSTEM privileges.

Remediation

The security update for this vulnerability can be downloaded from the Microsoft Update Catalog. Security update KB5094125 is available for Windows Server 2025, including the Server Core installation, and KB5095051 is available for Windows 11 versions 26H1, 24H2, and 25H2.
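
One way to check a host against the KB-to-product mapping above (an added example, not part of the original advisory and not Microsoft's tooling). The function names and status labels are hypothetical, and matching the product by OS caption and the DisplayVersion registry value is an assumption of this sketch.

```powershell
# Added example. KB numbers and Windows 11 versions are taken from the advisory text.
$Win11Versions = '26H1', '24H2', '25H2'

# Hypothetical helper: return the KB the advisory names for this product, or $null.
function Get-RequiredKb {
    param([string]$Caption, [string]$DisplayVersion)
    if ($Caption -like '*Windows Server 2025*') { return 'KB5094125' }  # incl. Server Core
    if ($Caption -like '*Windows 11*' -and $DisplayVersion -in $Win11Versions) {
        return 'KB5095051'
    }
    return $null  # product or version not named in the advisory
}

# Hypothetical helper: report whether the named KB is present on the local host.
function Test-HotpatchServiceFix {
    $os  = Get-CimInstance -ClassName Win32_OperatingSystem
    $ver = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion').DisplayVersion
    $kb  = Get-RequiredKb -Caption $os.Caption -DisplayVersion $ver

    $status = 'NotListedInAdvisory'
    $installedOn = $null
    if ($kb) {
        $fix = Get-HotFix -Id $kb -ErrorAction SilentlyContinue
        if ($fix) {
            $status = 'Installed'
            $installedOn = $fix.InstalledOn
        } else {
            # Cumulative updates replace one another, so a missing KB id means
            # "verify the build against the vendor advisory", not proof of exposure.
            $status = 'KbNotFound'
        }
    }

    [pscustomobject]@{
        Computer    = $env:COMPUTERNAME
        OS          = $os.Caption
        Version     = $ver
        Build       = $os.BuildNumber
        RequiredKB  = $kb
        Status      = $status
        InstalledOn = $installedOn
    }
}

Test-HotpatchServiceFix | Format-List
```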

Added: Jun 9, 2026, 7:48 PM
Updated: Jun 9, 2026, 7:48 PM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 7.5
exploitability: 2.7
remediation: 7.7
relevance: 9.4
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.