Microsoft · Windows Server 2022 · CVE-2024-6769
**Name of the Vulnerable Software and Affected Versions**
Microsoft Windows versions prior to the fixed version
Microsoft Windows 10
Microsoft Windows 11
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022
**Description**
A DLL hijacking vulnerability in Microsoft Windows, caused by drive remapping combined with poisoning of the activation cache, allows a malicious authenticated attacker to elevate from a medium-integrity process to a high-integrity process without triggering a UAC prompt. This issue can be exploited to bypass User Account Control and gain full system privileges. The vulnerability is actively being exploited.
**Recommendations**
For Microsoft Windows 10, update to a version that includes the fix for this vulnerability.
For Microsoft Windows 11, update to a version that includes the fix for this vulnerability.
For Microsoft Windows Server 2016, update to a version that includes the fix for this vulnerability.
For Microsoft Windows Server 2019, update to a version that includes the fix for this vulnerability.
For Microsoft Windows Server 2022, update to a version that includes the fix for this vulnerability.
As a temporary workaround, consider restricting access to the drive remapping feature to minimize the risk of exploitation.
Avoid using the vulnerable drive remapping feature until the issue is resolved.