CVE-2024-21432
CVSS 3.1 Score 7.0 of 10 (high)
Details
Summary
CVE-2024-21432 is a newly disclosed vulnerability affecting Windows Update, allowing an attacker to elevate privileges through a stack manipulation technique. This issue can potentially enable threat actors to install unauthorized software and gain administrative access to affected systems. The vulnerability is particularly concerning since Windows Update automatically downloads and installs critical updates, providing attackers with a prime opportunity to exploit vulnerable systems. Microsoft is working on a patch to address this issue, and users are encouraged to apply it as soon as it becomes available to secure their systems against potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Windows 10
- Microsoft Windows 11
Affected Vendors
- Microsoft