Microsoft Windows win32k.sys Privilege Escalation Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must run a malicious executable. The specific flaw exists within the handling of Dynamic Data Exchange objects. The issue lies in the destruction of DDE objects within a thread. An attacker can leverage this to escalate their privileges and execute code under the context of SYSTEM.