Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
Overdue
Microsoft / Windows
Known Ransomware Use
CWE-269
CWE-59
Description
Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges.
Required Action
Apply updates per vendor instructions.
Additional Information
- Catalog Version
- 2025.01.24
- Catalog Released
- Jan. 24, 2025
- Days Until Due
- 0 days
- Last Updated
- 6 months ago