Facebook · Osquery · CVE-2020-11081
**Name of the Vulnerable Software and Affected Versions**
osquery versions prior to 4.4.0
**Description**
The issue allows for a privilege escalation. If a Windows system has a PATH containing a user-writable directory, a local user can create a `zlib1.dll` DLL that osquery will attempt to load, enabling local escalation because osquery runs with elevated privileges.
**Recommendations**
For versions prior to 4.4.0, update to version 4.4.0 to resolve the issue. As a temporary workaround, consider restricting the PATH environment variable to exclude user-writable directories until the update can be applied.
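To apply the workaround you first need to know which PATH entries are user-writable. The following PowerShell audit is an added example, not osquery project code; the function name `Get-WritablePathEntry`, the trusted SID list and the choice to inspect the machine-level PATH are assumptions to adjust for your environment.

```powershell
# Added example, not osquery project code. Lists machine PATH directories where a
# principal outside the trusted set holds an Allow ACE with write-type rights.

# Assumption: only these well-known SIDs should be able to write into PATH directories.
$trustedSids = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # NT SERVICE\TrustedInstaller
)

# Access-mask bits that let a principal create or replace a file in the directory:
# WriteData/CreateFiles, AppendData, ChangePermissions, TakeOwnership, GENERIC_ALL, GENERIC_WRITE.
$writeMask = 0x2 -bor 0x4 -bor 0x40000 -bor 0x80000 -bor 0x10000000 -bor 0x40000000

function Get-WritablePathEntry {
    param([string]$PathValue = [Environment]::GetEnvironmentVariable('Path', 'Machine'))

    foreach ($entry in ($PathValue -split ';' | Where-Object { $_.Trim() })) {
        $dir = [Environment]::ExpandEnvironmentVariables($entry.Trim().Trim('"'))
        if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
            # A missing entry is worth review: whoever can create it controls its contents.
            [pscustomobject]@{ Directory = $dir; Principal = $null; Rights = 'MISSING' }
            continue
        }
        $acl = Get-Acl -LiteralPath $dir
        # Resolve ACEs to SIDs so the comparison does not depend on localized account names.
        $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($ace in $rules) {
            # Skip Deny ACEs and inherit-only ACEs (PropagationFlags bit 2), which do not
            # grant access on the directory itself.
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if (([int]$ace.PropagationFlags -band 2) -ne 0) { continue }
            if ($trustedSids -contains $ace.IdentityReference.Value) { continue }
            if (([int]$ace.FileSystemRights -band $writeMask) -eq 0) { continue }
            [pscustomobject]@{
                Directory = $dir
                Principal = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
            }
        }
    }
}

Get-WritablePathEntry | Format-Table -AutoSize
```

Run it from an elevated prompt so every ACL is readable. Any row returned is a PATH directory to remove from PATH or re-ACL until the host is on 4.4.0.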