PT-2026-3326 · Microsoft · Edge

Alex Bernier · Published 2026-01-16 · Updated 2026-03-01 · CVE-2026-21223

CVSS v2.0: 7.2 (High)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Microsoft Edge (affected versions not specified)

Description: The Microsoft Edge Elevation Service has a design flaw: a privileged COM interface does not properly check the permissions of the calling process. A standard local user can invoke the LaunchUpdateCmdElevatedAndWait method of the IElevatorEdge interface to run commands with LocalSystem privileges. This allows a non-administrator to modify protected registry keys under HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard, specifically to disable Windows Virtualization-Based Security (VBS). Disabling VBS reduces the effectiveness of the security features that depend on it, such as Credential Guard, Hypervisor-protected Code Integrity (HVCI), and the Secure Kernel, leading to a security bypass.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
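Since no fixed version is known, the practical defender's control is to detect the outcome the advisory describes: VBS policy under the DeviceGuard key being turned off, or VBS configured but no longer running. The following PowerShell audit is an added example written for this page, not code from the advisory or from Microsoft. It reads the documented DeviceGuard policy values (EnableVirtualizationBasedSecurity, RequirePlatformSecurityFeatures, the HVCI scenario Enabled value) and compares them with the runtime state reported by the Win32_DeviceGuard WMI class; it is assumed to run as part of a scheduled baseline check on a Windows host with VBS expected to be on.

```powershell
# Added example (not from the advisory): report whether VBS and the services that
# depend on it are configured in the registry and actually running on this host.

$dgKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard'

function Get-VbsPolicy {
    # Configured policy: what the registry says VBS should be after next boot.
    $props = Get-ItemProperty -Path $dgKey -ErrorAction SilentlyContinue
    $hvci  = Get-ItemProperty -Path "$dgKey\Scenarios\HypervisorEnforcedCodeIntegrity" -ErrorAction SilentlyContinue
    [pscustomobject]@{
        EnableVirtualizationBasedSecurity = [int]($props.EnableVirtualizationBasedSecurity)
        RequirePlatformSecurityFeatures   = [int]($props.RequirePlatformSecurityFeatures)
        HvciEnabled                       = [int]($hvci.Enabled)
    }
}

function Get-VbsRuntimeStatus {
    # Runtime status: what the Secure Kernel is actually doing right now.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard
    [pscustomobject]@{
        # VirtualizationBasedSecurityStatus: 0 = disabled, 1 = enabled but not running, 2 = running
        VbsStatus          = $dg.VirtualizationBasedSecurityStatus
        # SecurityServicesRunning: 1 = Credential Guard, 2 = HVCI
        CredentialGuardRun = ($dg.SecurityServicesRunning -contains 1)
        HvciRun            = ($dg.SecurityServicesRunning -contains 2)
    }
}

function Test-VbsDrift {
    # Flag any gap between expected policy and observed state; an empty result means OK.
    $policy   = Get-VbsPolicy
    $runtime  = Get-VbsRuntimeStatus
    $findings = @()

    if ($policy.EnableVirtualizationBasedSecurity -ne 1) {
        $findings += 'EnableVirtualizationBasedSecurity is not 1: VBS is disabled by policy'
    }
    if ($runtime.VbsStatus -ne 2) {
        $findings += "VBS is not running (VirtualizationBasedSecurityStatus = $($runtime.VbsStatus))"
    }
    if ($policy.HvciEnabled -eq 1 -and -not $runtime.HvciRun) {
        $findings += 'HVCI is enabled by policy but not running'
    }
    if ($runtime.VbsStatus -eq 2 -and -not $runtime.CredentialGuardRun) {
        $findings += 'VBS is running but Credential Guard is not'
    }

    if ($findings.Count -eq 0) { 'OK: VBS policy and runtime state agree' } else { $findings }
}

Test-VbsDrift
```

Comparing policy with runtime matters because a change to these registry values only takes effect at the next boot: a host whose policy value has been flipped to 0 while VBS is still running is exactly the window in which this flaw would be caught before it has any effect. For continuous coverage rather than polling, enable Object Access auditing with a SACL on the DeviceGuard key so that writes produce Security log event 4657 (a registry value was modified), and alert on any such write made by a process running as LocalSystem on behalf of an interactive session.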

Weakness Enumeration

Improper Privilege Management

Related Identifiers

BDU:2026-00807
CVE-2026-21223

Affected Products

Edge