CVE-2021-38639

Published on: 09/15/2021 12:00:00 AM UTC

Last Modified on: 09/15/2021 12:28:00 PM UTC

Certain versions of Windows from Microsoft contain the following vulnerability:

Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36975.

CVE References

Description Tags Link
Security Update Guide - Microsoft Security Response Center portal.msrc.microsoft.com
text/html
URL Logo MISC portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38639

Related QID Numbers

  • 91816 Microsoft Windows Security Update for September 2021

Exploit/POC from Github

Windows win32k ascension UAC poc

Known Affected Software

Vendor Product Version
Microsoft Windows 10 Version 1809 for 32-bit Systems
Microsoft Windows 10 Version 1809 for x64-based Systems
Microsoft Windows 10 Version 1809 for ARM64-based Systems
Microsoft Windows 10 for 32-bit Systems
Microsoft Windows 10 for x64-based Systems
Microsoft Windows 10 Version 1607 for 32-bit Systems
Microsoft Windows 10 Version 1607 for x64-based Systems
Microsoft Windows 7 for 32-bit Systems Service Pack 1
Microsoft Windows 7 for x64-based Systems Service Pack 1
Microsoft Windows 8.1 for 32-bit systems
Microsoft Windows 8.1 for x64-based systems
Microsoft Windows RT 8.1
Microsoft Windows_Server 2019
Microsoft Windows_Server 2019 (Core installation)
Microsoft Windows_Server 2016
Microsoft Windows_Server 2016 (Core installation)
Microsoft Windows_Server 2008 for 32-bit Systems Service Pack 2
Microsoft Windows_Server 2008 for 32-bit Systems Service Pack 2 (Core installation)
Microsoft Windows_Server 2008 for x64-based Systems Service Pack 2
Microsoft Windows_Server 2008 for x64-based Systems Service Pack 2 (Core installation)
Microsoft Windows_Server 2008 R2 for x64-based Systems Service Pack 1
Microsoft Windows_Server 2008 R2 for x64-based Systems Service Pack 1 (Core installation)
Microsoft Windows_Server 2012
Microsoft Windows_Server 2012 (Core installation)
Microsoft Windows_Server 2012 R2
Microsoft Windows_Server 2012 R2 (Core installation)
Microsoft Windows_10_Version_1909_for_32-bit_Systems
Microsoft Windows_10_Version_1909_for_x64-based_Systems
Microsoft Windows_10_Version_1909_for_ARM64-based_Systems
Microsoft Windows_10_Version_21H1_for_x64-based_Systems
Microsoft Windows_10_Version_21H1_for_ARM64-based_Systems
Microsoft Windows_10_Version_21H1_for_32-bit_Systems
Microsoft Windows_Server_2022
Microsoft Windows_Server_2022_Server_Core_installation
Microsoft Windows_10_Version_2004_for_32-bit_Systems
Microsoft Windows_10_Version_2004_for_ARM64-based_Systems
Microsoft Windows_10_Version_2004_for_x64-based_Systems
Microsoft Windows_Server_version_2004_Server_Core_installation
Microsoft Windows_10_Version_20H2_for_x64-based_Systems
Microsoft Windows_10_Version_20H2_for_32-bit_Systems
Microsoft Windows_10_Version_20H2_for_ARM64-based_Systems
Microsoft Windows_Server_version_20H2_Server_Core_Installation

Social Mentions

Source Title Posted (UTC)
© CVE.report 2021 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report