Lucene search
Abdelhamid Naceri (halov)ZDI-21-286HistoryMar 15, 2021 - 12:00 a.m.
Microsoft Windows Update Agent Directory Junction Denial-of-Service Vulnerability
2021-03-1500:00:00
Abdelhamid Naceri (halov)
www.zerodayinitiative.com
24
0.0004 Low
EPSS
Percentile
9.9%
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within Windows Update Agent. By creating a directory junction, an attacker can abuse Windows Update Agent to delete a directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
Related
nvd
nvd
CVE-2021-26866
2021-03-11 16:15:14
prion
prion
Privilege escalation
2021-03-11 16:15:00
mscve
mscve
Windows Update Service Elevation of Privilege Vulnerability
2021-03-09 08:00:00
cvelist
cvelist
CVE-2021-26866 Windows Update Service Elevation of Privilege Vulnerability
2021-03-11 15:38:37
cve
cve
CVE-2021-26866
2021-03-11 16:15:14
mskb
mskb
March 9, 2021âKB5000807 (OS Build 10240.18874)
2021-03-09 08:00:00
March 9, 2021âKB5000809 (OS Build 17134.2087)
2021-03-09 08:00:00
March 9, 2021âKB5000803 (OS Build 14393.4283) - EXPIRED
2021-03-09 08:00:00
nessus
nessus
KB5000807: Windows 10 March 2021 Security Update
2021-03-09 00:00:00
KB5000803: Windows Security Update (March 2021)
2021-03-09 00:00:00
KB5000809: Windows 10 Version 1803 March 2021 Security Update
2021-03-09 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5000807)
2021-03-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5000802)
2021-03-10 00:00:00
kaspersky
kaspersky
KLA12111 Multiple vulnerabilities in Microsoft Windows
2021-03-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - March 2021
2021-03-09 22:13:03