PT-2025-28533 · Microsoft · Windows Update Service +3

Filip Dragović +1 · Published 2024-09-03 · Updated 2025-07-16 · CVE-2025-48799

CVSS v3.1: 7.8
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

**Name of the Vulnerable Software and Affected Versions:**

Windows versions prior to July 8, 2025

**Description:**

An improper link resolution before file access (link following) vulnerability exists in the Windows Update Service. It allows an authorized attacker to elevate privileges locally. The vulnerability affects Windows clients (Windows 10 and Windows 11) with at least two hard drives. The issue involves incorrect handling of symbolic links during file access, potentially allowing an attacker to perform arbitrary file deletion and escalate privileges to the SYSTEM level.

**Recommendations:**

Update Windows to a version released on or after July 8, 2025.

Exploit · Fix · LPE

**Weakness Enumeration:** Link Following

**Related Identifiers:**

- BDU:2025-08180
- CVE-2025-48799

**Affected Products:**

- Windows
- Windows 10
- Windows 11
- Windows Update Service