CVE-2021-40449

Name of the Vulnerable Software and Affected Versions Windows Win32k versions prior to the fixed version

Description The issue is related to a use-after-free vulnerability in the Win32k component of Windows operating systems. This vulnerability can be exploited to elevate privileges. The vulnerability is associated with the NtGdiResetDC function of the Win32k driver.

Recommendations As a temporary workaround, consider restricting access to the Win32k driver until a patch is available. Apply the patch provided by Microsoft for the Win32k Elevation of Privilege Vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.