SecurityWeek: Researcher Shows Windows Flaw More Serious After Microsoft Releases Incomplete Patch

SecurityWeek: Researcher Shows Windows Flaw More Serious After Microsoft Releases Incomplete Patch. “Tracked as CVE-2021-34484, the bug is described by Microsoft as a Windows User Profile Service elevation of privilege, and requires local, authenticated access for exploitation. All versions of Windows, including Windows Server, are affected. The security error resides in the User Profile Service, affecting code designed for creating a temporary user profile folder when the original profile folder is damaged.”

Leave a Reply

%d bloggers like this: