ZDI-CAN-28559 HIGH 7.8 Upcoming Jan 08, 2026

Microsoft

A high-severity vulnerability (CVSS 7.8) has been reported to Microsoft. Exploitation requires local access and low-level user privileges, but a successful attack has a high impact on confidentiality, integrity, and availability. The attack is difficult to execute because attack complexity is high, but the changed scope (S:C) means the impact extends beyond the vulnerable component itself. Security teams should prioritize patching this vulnerability before the May 2026 deadline and monitor for exploitation attempts originating from users with local system access.

Advisory Details
Researcher: Advait Pandya
Reported: January 08, 2026
Deadline: May 08, 2026 (21d)
CVSS Vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
