QID 91838

QID 91838: Microsoft Windows 10 Update Assistant Elevation of Privilege Vulnerability November 2021

Windows Update Assistant is prone to Elevation of Privilege Vulnerability.

Affected Software:
Windows Update Assistant

QID Detection Logic (Authenticated):
Detection checks for vulnerable version by fetching the details from Uninstall registry key

On Successful exploitation, an attacker would only be able to delete targeted files on a system, but they would not gain privileges to view or modify file contents..

  • CVSS V3 rated as High - 7.8 severity.
  • CVSS V2 rated as High - 6.9 severity.
  • Solution
    Users are advised to check CVE-2021-42297 and CVE-2021-43211 for more information.

    CVEs related to QID 91838

    Software Advisories
    Advisory ID Software Component Link
    CVE-2021-42297 URL Logo msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42297
    CVE-2021-43211 URL Logo msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43211