Microsoft published the Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability (CVE-2021-28320) on April 13, 2021. It affects various versions of Windows 10 and Windows Server and has a CVSS base score of 7.8, indicating high severity.
Understanding CVE-2021-28320
This section dives into what CVE-2021-28320 is and its impact.
What is CVE-2021-28320?
CVE-2021-28320 is an Elevation of Privilege vulnerability in the Windows Resource Manager PSM Service Extension.
The Impact of CVE-2021-28320
The vulnerability allows attackers to elevate privileges, potentially gaining unauthorized access to sensitive information and executing arbitrary code.
Technical Details of CVE-2021-28320
This section explores the vulnerability in more detail.
Vulnerability Description
The vulnerability arises from improper handling of objects in memory by the affected Windows components.
Affected Systems and Versions
The vulnerability affects multiple versions of Windows, including Windows 10 versions 1803, 1809, 1909, 2004, and 20H2, as well as Windows Server 2016 and 2019 and their Core installations.
Exploitation Mechanism
Attackers can exploit this vulnerability by running malicious applications locally to elevate privileges and potentially execute arbitrary code.
Mitigation and Prevention
This section covers how to mitigate the risks and prevent exploitation.
Immediate Steps to Take
Users should apply security updates provided by Microsoft to address the vulnerability and protect their systems.
Long-Term Security Practices
Implementing least-privilege access, network segmentation, and regular security updates can help enhance the overall security posture.
Patching and Updates
Regularly check for security updates from Microsoft and apply them promptly to ensure systems are protected against known vulnerabilities.