ZDI-CAN-28605 MEDIUM 4.4 Upcoming Jan 12, 2026

Microsoft

This advisory covers a medium-severity vulnerability (CVSS 4.4) in Microsoft software. Exploitation requires local access and low user privileges, with no user interaction needed, and results in integrity and availability impacts but no confidentiality loss. The attack is limited to local systems, where an authenticated attacker with standard user permissions can degrade system integrity or availability. Security teams should monitor for suspicious local privilege escalation attempts and unusual file or system modifications by low-privileged accounts on Windows systems.

Advisory Details
Researcher: Marcin Wiazowski
Reported: January 12, 2026
Deadline: May 12, 2026 (25d)
CVSS Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
