Описание
Windows 10 Update Assistant Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Windows 10 Update Assistant in the way it handles permissions.
A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
The security update addresses the vulnerability by ensuring the Windows 10 Update Assistant properly handles permissions.
FAQ
1. What is the Windows Update Assistant, and where and how do I get the update?
More information about Windows 10 Update Assistant is available here.
If in the past after being directed to the Download Windows 10 page you clicked Update Now and then SAVED the WindowsUpdate9252 installer executable file to your machine, you need to do the following:
- Delete the WindowsUpdate9252 installer file.
- On the Download Windows 10 page, click Update Now to get the updated installer, and follow the instructions to either Run or Save the installer.
If you previously RAN the WindowsUpdate9252 installer executable file, see the following FAQs:
**2. How do I determine if I have Update Assistant installed?
- Launch Windows Settings and click Apps.
- Look for Windows 10 Update Assistant under Apps and Features.
3. I have the Update Assistant installed. How do I uninstall it?
- Click Windows 10 Update Installer.
- Click Uninstall.
- When the dialog box appears to confirm the uninstall action, click Uninstall to continue the process.
- When the uninstallation process is complete, you can also delete the folder %windir%\UpdateAssistant or C:\Windows\UpdateAssistant from your device to remove the Update Assistant files, if any.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows Update Assistant |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
Связанные уязвимости
An elevation of privilege vulnerability exists in Windows 10 Update Assistant in the way it handles permissions.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows 10 Update Assistant Elevation of Privilege Vulnerability'.
An elevation of privilege vulnerability exists in Windows 10 Update Assistant in the way it handles permissions.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows 10 Update Assistant Elevation of Privilege Vulnerability'.
Уязвимость программного средства работы с обновлениями Windows Update Assistant, связанная с небезопасным управлением привилегиями, позволяющая нарушителю выполнить произвольный код
EPSS