Endpoint Vulnerability

Microsoft: Unified Write Filter Elevation of Privilege Vulnerability

Description

An elevation of privilege vulnerability exists in the Unified Write Filter (UWF) feature for Windows 10 when it improperly restricts access to the registry. An attacker who successfully exploited the vulnerability could make changes to the registry keys protected by UWF without having administrator privileges. To exploit the vulnerability, an attacker would have to log on to an affected system utilizing UWF and access the registry editor. The security update addresses the vulnerability by correcting how the Unified Write Filter verifies privileges when accessing the registry.

Affected Products

Windows Server 2016,Windows 10,Windows Server, version 1803 (Server Core Installation),Windows Server 2019

References

CVE-2019-0942,