Microsoft

Microsoft has disclosed a high-severity vulnerability (CVSS 7.8) that requires local access and low-level user privileges to exploit, with no user interaction needed, resulting in high impact to confidentiality, integrity, and availability. The vulnerability affects core Microsoft products and systems, making it a significant concern for enterprise environments. Security teams should monitor for patches expected by July 2026 and prioritize testing and deployment once available, as this local privilege escalation could be leveraged by authenticated attackers to gain full system control.