107 matches found
CVE-2025-21204
CVE-2025-21204 affects Windows Update Stack with improper link resolution before file access, enabling local privilege elevation for an authenticated user. Public documentation confirms the vulnerability and that Microsoft released fixes as part of April 2025 updates; patches include OS updates t...
CVE-2025-27475
CVE-2025-27475 is a Windows Update Stack elevation-of-privilege vulnerability. Description: sensitive data stored in improperly locked memory within the Windows Update Stack can enable a locally authenticated attacker to escalate privileges. CVSS v3.1 metrics indicate LOCAL attack vector, HIGH im...
PT-2025-15482
Name of the Vulnerable Software and Affected Versions Windows Update Stack affected versions not specified Description The vulnerability is related to improper link resolution before file access in the Windows Update Stack, allowing an authorized attacker to elevate privileges locally. This issue...
Microsoft Windows Update Stack 后置链接漏洞
Microsoft Windows Update Stack is part of Microsoft Corporation USA for managing updates. A backlink vulnerability exists in Microsoft Windows Update Stack. An attacker could exploit the vulnerability to elevate privileges. The following products and editions are affected:Windows Server...
Microsoft Windows Update Stack 安全漏洞
Microsoft Windows Update Stack is part of Microsoft Corporation USA for managing updates. A security vulnerability exists in Microsoft Windows Update Stack. An attacker could exploit the vulnerability to elevate privileges. The following products and editions are affected:Windows 11 Version 22H2...
The vulnerability of the Windows Update Stack component of the Microsoft Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Windows Update Stack component of the Microsoft Windows operating system is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to enhance their privileges...
PT-2024-8069 · Microsoft · Windows Update Stack +1
Name of the Vulnerable Software and Affected Versions: Windows Update Stack versions prior to the fixed version Description: The issue is related to inadequate access control in the Windows Update Stack component of the Microsoft Windows operating system. This can be exploited to elevate...
Microsoft Windows Update Stack 访问控制错误漏洞
Microsoft Windows Update Stack is part of Microsoft Corporation USA for managing updates. An access control error vulnerability exists in Microsoft Windows Update Stack. An attacker could exploit the vulnerability to elevate privileges. The following products and editions are affected:Windows...
The vulnerability of the Windows Update Stack component of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Windows Update Stack component of the Windows operating system is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to enhance their privileges...
Patch Tuesday - August 2024
Microsoft is addressing 88 vulnerabilities this August 2024 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for ten of the vulnerabilities published today, which is significantly more than usual. At time of writing, all six of the known-exploited...
CVE-2024-38163
CVE-2024-38163 is a Windows Update Stack Elevation of Privilege vulnerability with a CVSS v3.1 base score of 7.8 (LOCAL, Low attack complexity, Low privileges required, No user interaction). It affects the Windows Update servicing stack and can lead to SYSTEM-level compromise under local access. ...
Microsoft Windows Update Stack 访问控制错误漏洞
Microsoft Windows Update Stack is part of Microsoft Corporation USA for managing updates. An access control error vulnerability exists in Microsoft Windows Update Stack. An attacker could exploit this vulnerability to elevate privileges. The following products and versions are affected:Windows...
PT-2024-5740 · Microsoft · Windows 10 +1
Name of the Vulnerable Software and Affected Versions: Windows 10 affected versions not specified Description: The issue is related to a lack of access control in the Windows Update Stack component, which can be exploited to elevate privileges. An attacker must first obtain the ability to execute...
KLA71414 PE vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Windows Update Stack can be exploited remotely to gain privileges. 2. An...
The vulnerability of the Windows Update Stack component of the Microsoft Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Windows Update Stack component of the Microsoft Windows operating system is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Windows Update Stack component of the Microsoft Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Windows Update Stack component in the Microsoft Windows operating system is related to the lack of authentication for a critical function. Exploiting this vulnerability can allow an attacker to increase their privileges...
CVE-2024-26236
Windows Update Stack Elevation of Privilege Vulnerability...
Microsoft Windows Update Stack 安全漏洞
The Microsoft Windows Update Stack is part of Microsoft's USA for managing updates. A security vulnerability exists in Microsoft Windows Update Stack. An attacker could exploit the vulnerability to elevate privileges...
PT-2024-4621 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to a lack of authentication for a critical function in the Windows Update Stack component of the Microsoft Windows operating system. This can be exploited to...
Microsoft Windows Update Stack 安全漏洞
Microsoft Windows Update Stack is part of Microsoft Corporation USA for managing updates. A security vulnerability exists in Microsoft Windows Update Stack. An attacker could exploit the vulnerability to elevate privileges...