CVE-2021-34484

Name of the Vulnerable Software and Affected Versions Windows versions prior to the fixed version

Description The issue is related to the Windows User Profile Service and is associated with insufficient access restrictions. It allows an attacker to elevate their privileges. The vulnerability can be exploited if the attacker knows the username and password of another user. There is no information about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For Windows versions prior to the fixed version, update to the latest version that includes the security patch for this issue. As a temporary workaround, consider restricting access to the User Profile Service to minimize the risk of exploitation.