Jackson T

**Name of the Vulnerable Software and Affected Versions** LHA.sys driver versions prior to 1.1.1811.2101 **Description** The issue allows low-privileged users to read and write arbitrary physical memory, potentially elevating system privileges. This is possible due to the device object having an associated symbolic link and an open DACL, which can be exploited via specially crafted IOCTL requests. **Recommendations** For versions prior to 1.1.1811.2101, update the LHA.sys driver to version 1.1.1811.2101 or later to resolve the issue. As a temporary workaround, consider restricting access to the LHA.sys driver to minimize the risk of exploitation.