Dark_Puzzle

**Name of the Vulnerable Software and Affected Versions** Applocker Filter Driver (applockerfltr.sys) (affected versions not specified) **Description** A race condition occurs in the Applocker Filter Driver (applockerfltr.sys) due to concurrent execution using a shared resource with improper synchronization. This allows an authorized attacker to elevate privileges locally. A race condition is a situation where the system's substantive behavior is dependent on the sequence or timing of other uncontrollable events. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** A flaw exists in Windows Performance Counters related to pointer dereferencing. Successful exploitation could allow an attacker to gain elevated privileges. The issue involves a null pointer dereference, potentially allowing a local attacker to elevate their privileges. Approximately an estimated number of potentially affected devices worldwide is not available. No real-world incidents have been reported. The vulnerability affects the `Performance Counters` component of the operating system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows versions (affected versions not specified) **Description** A use-after-free condition exists in the Windows Ancillary Function Driver for WinSock, specifically within the `afd.sys` file. This issue allows an authorized attacker to elevate privileges locally. The vulnerability is related to memory management and occurs when memory is accessed after it has been freed. Exploitation of this issue can allow an attacker to affect the system. Research indicates the vulnerability was discovered through exploration of Windows I/O completion internals. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.