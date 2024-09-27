Rechercher
Microsoft Vulnerability CVE-2024-6769 Now Public on Fortra.com

September 2024 by Fortra

Global cybersecurity software and solutions provider Fortra has published details about a vulnerability affecting Microsoft systems that allows attackers to escalate privileges from medium to high integrity levels without triggering a UAC (user account control) prompt.

The UAC prompt is essential for preventing unauthorized actions by providing a security checkpoint for administrators. However, this exploit removes that safeguard, enabling attackers to execute high-level tasks without detection or administrative approval. This could have significant consequences, particularly in environments where elevated permissions are tightly controlled, such as corporate networks or government systems.

• Impact: Allows unauthorized escalation to high integrity without UAC, introducing serious post-compromise risks
• Affected Systems: Windows 10, Windows 11, Windows Server 2019/2022 (with all updates applied)
• Current Status: Microsoft has not classified this as a vulnerability according to their security criteria, but Fortra urges organizations to be aware of the risks, as this exploit can be used for privilege escalation post-compromise.


