Sascha Meyer

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows Defender (affected versions not specified) **Description** The issue is related to insufficient access control in Microsoft Windows Defender, which can be exploited to elevate privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows versions prior to the fixed version Win32k.sys (affected versions not specified) **Description** The issue is related to insufficient access control in the Win32k component of the Windows operating system. It allows an attacker to elevate their privileges. The estimated number of potentially affected devices is not provided. There are reports of real-world incidents where this issue was exploited. Technical details about exploitation include the use of the UIFuckUp exploit to gain system privileges on Windows 10 and 11. **Recommendations** For Windows versions prior to the fixed version, update to the latest version to resolve the issue. As a temporary workaround, consider restricting access to the Win32k component until a patch is available. Avoid using the `Win32k.sys` component in sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** VMware Tools for Windows versions 10.x.y through 12.0.0 **Description** The issue is related to an XML External Entity (XXE) vulnerability. A malicious actor with non-administrative local user privileges in the Windows guest OS, where VMware Tools is installed, may exploit this issue leading to a denial-of-service condition or unintended information disclosure. **Recommendations** For versions 10.x.y through 12.0.0, consider disabling the XML parsing functionality until a patch is available. As a temporary workaround, restrict access to the VMware Tools to minimize the risk of exploitation. Avoid using the vulnerable XML functionality in the affected Windows guest OS until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.