CVE-2024-38107 - Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability

Vulnerability Name

Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability

Description

Microsoft Windows Power Dependency Coordinator contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to obtain SYSTEM privileges.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38107

https://nvd.nist.gov/vuln/detail/CVE-2024-38107

Related News Articles

Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-DaysAugust 14, 2024

Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Day ExploitsAugust 14, 2024

Microsoft fixes 6 zero-days under active attackAugust 14, 2024

Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploitedAugust 14, 2024