KLA12242 PE vulnerability in Microsoft Windows

An elevation of privilege vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to gain privileges.

Original advisories

CVE-2021-36934

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Windows

Microsoft-Windows-10

CVE list

CVE-2021-36934 critical

KB list

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

• Windows 10 Version 21H1 for ARM64-based SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 2004 for ARM64-based SystemsWindows 10 Version 20H2 for 32-bit SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 2004 for x64-based SystemsWindows 10 Version 21H1 for 32-bit SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1909 for x64-based SystemsWindows 10 Version 1909 for 32-bit SystemsWindows 10 Version 21H1 for x64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 20H2 for x64-based SystemsWindows 10 Version 20H2 for ARM64-based SystemsWindows 10 Version 2004 for 32-bit Systems