Windows WalletService Elevation of Privilege Vulnerability [CVE-2021-26871]
CVE number = CVE-2021-26871
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the WalletService component. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
Affected Products
- Windows 10 Version 1909 for 32-bit Systems,
- Windows 10 Version 1909 for x64-based Systems,
- Windows 10 Version 1909 for ARM64-based Systems,
- Windows 10 Version 2004 for 32-bit Systems,
- Windows 10 Version 2004 for ARM64-based Systems,
- Windows 10 Version 2004 for x64-based Systems,
- Windows 10 Version 20H2 for x64-based Systems,
- Windows 10 Version 20H2 for 32-bit Systems,
- Windows 10 Version 20H2 for ARM64-based Systems
Resolution
Use Microsoft Windows Automatic Updates to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.
I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.