CVE-2024-38163 – Windows Update Stack Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2024-38163

13 Aug 2024 — Windows Update Stack Elevation of Privilege Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the WinREUpdateInstaller_2401B_amd64 installer. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38163 • CWE-284: Improper Access Control •