Microsoft released an update for a range of Windows products to resolve the CVE-2024-43629 vulnerability discovered by Sergey Tarasov from the Positive Technologies Expert Security Center (PT ESC). Updates were released for Windows 10, Windows 11, Windows Server 2025, Windows Server 2022, and Windows Server 2019. The vulnerability received a CVSS 3.1 score of 7.8 with a severity level of Important.
“Once an attacker gets onto a victim’s computer, they can exploit an LPE (Local Privilege Escalation) vulnerability to then take over the system and follow through with the attack. The vulnerability was discovered as part of a regular study of popular programs and the vendor was informed immediately as part of the responsible disclosure policy. The Microsoft team patched the issue shortly after, and all users should install the update as soon as possible,” commented Sergey Tarasov, Head of the PT Expert Security Center Vulnerability Analysis Group.
The vulnerability allows attackers to escalate user privileges to the system level. The PT Expert Security Center shares that this technique is used to gain access to a system’s most critical components and follow through on the next stages of an attack.
In 2017, the PT Expert Security Center team discovered and helped Microsoft resolve a similar vulnerabilty (CVE-2017-0263) in the current and previous versions of Windows 10. PT ESC specialists discovered an attempt by attackers to use the previously undocumented vulnerability as part of a phishing email they detected during standard monitoring of new cyberthreats. Attackers could exploit it to gain maximum privileges on workstations and servers running Windows 10, 8.1, 7, Server 2008, Server 2012, and Server 2016. All they needed to do first was log in to the system.
Vulnerability management systems such as MaxPatrol VM can be used to discover these types of security issues.
Discussion about this post