CVE-2024-43629

Name of the Vulnerable Software and Affected Versions Windows DWM Core Library versions prior to the fixed version

Description The issue is related to an elevation of privilege vulnerability in the Windows DWM Core Library, which can be exploited to allow an attacker to gain system-level privileges. This vulnerability is associated with the indirect bypass of the process check about DWM of NtDCompositionDuplicateHandleToProcess, leading to a kernel arbitrary address write. The vulnerability affects all current versions of Windows, including Windows 10, 11, and server editions. Microsoft has released security updates to patch this vulnerability.

Recommendations For Windows DWM Core Library versions prior to the fixed version, apply the security update released by Microsoft to patch the vulnerability. As a temporary workaround, consider restricting access to the DWM Core Library until the patch is applied. Avoid using the NtDCompositionDuplicateHandleToProcess function in the affected library until the issue is resolved.