Microsoft Windows
CVE-2019-1082 — Microsoft Windows Elevation of Privilege Vulnerability
Executive Summary
An elevation of privilege vulnerability exists in Microsoft Windows where a certain DLL, with Local Service privilege, is vulnerable to race planting a customized DLL. An attacker who successfully exploited this vulnerability could potentially elevate privilege to SYSTEM. The update addresses this vulnerability by requiring SYSTEM privileges for a certain DLL.
Overview
7.7
CVSS HIGH
Important
MS Severity
Not Exploited
MS Exploit Status
N/A
MS Exploit Likelihood
CVSS Vector
ATTACK VECTOR
Local
ATTACK COMPLEXITY
High
PRIVILEGES REQUIRED
Low
USER INTERACTION
None
SCOPE
Changed
Temporal Score: 7.7
EPSS Score
0.01182
probability of exploitation in the next 30 days
0.63684 percentile - updated 2026-06-20
View on FIRST.org
Affected Products
18 affected products
| Product | KB Article | Severity | Impact | Restart Required |
|---|---|---|---|---|
| Windows 10 for 32-bit Systems | 4507458 (Security Update) |
Important | Elevation of Privilege | Yes |
| Windows 10 for x64-based Systems | 4507458 (Security Update) |
Important | Elevation of Privilege | Yes |
| Windows 10 Version 1607 for 32-bit Systems | 4507460 (Security Update) |
Important | Elevation of Privilege | Yes |
| Windows 10 Version 1607 for x64-based Systems | 4507460 (Security Update) |
Important | Elevation of Privilege | Yes |
| Windows 7 for 32-bit Systems Service Pack 1 | 4507449 (Monthly Rollup) 4507456 (Security Only) |
Important | Elevation of Privilege | Yes |
| Windows 7 for x64-based Systems Service Pack 1 | 4507449 (Monthly Rollup) 4507456 (Security Only) |
Important | Elevation of Privilege | Yes |
| Windows 8.1 for 32-bit systems | 4507448 (Monthly Rollup) 4507457 (Security Only) 4507448 (Monthly Rollup) |
Important | Elevation of Privilege | Yes |
| Windows 8.1 for x64-based systems | 4507448 (Monthly Rollup) 4507457 (Security Only) 4507448 (Monthly Rollup) |
Important | Elevation of Privilege | Yes |
| Windows RT 8.1 | 4507448 (Monthly Rollup) 4507448 (Monthly Rollup) |
Important | Elevation of Privilege | Yes |
| Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4507449 (Monthly Rollup) 4507456 (Security Only) |
Important | Elevation of Privilege | Yes |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4507449 (Monthly Rollup) 4507456 (Security Only) |
Important | Elevation of Privilege | Yes |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4507449 (Monthly Rollup) 4507456 (Security Only) |
Important | Elevation of Privilege | Yes |
| Windows Server 2012 | 4507462 (Monthly Rollup) 4507464 (Security Only) |
Important | Elevation of Privilege | Yes |
| Windows Server 2012 (Server Core installation) | 4507462 (Monthly Rollup) 4507464 (Security Only) |
Important | Elevation of Privilege | Yes |
| Windows Server 2012 R2 | 4507448 (Monthly Rollup) 4507457 (Security Only) 4507448 (Monthly Rollup) |
Important | Elevation of Privilege | Yes |
| Windows Server 2012 R2 (Server Core installation) | 4507448 (Monthly Rollup) 4507457 (Security Only) 4507448 (Monthly Rollup) |
Important | Elevation of Privilege | Yes |
| Windows Server 2016 | 4507460 (Security Update) |
Important | Elevation of Privilege | Yes |
| Windows Server 2016 (Server Core installation) | 4507460 (Security Update) |
Important | Elevation of Privilege | Yes |
Patches
6 patches
| Article | Type | Restart |
|---|---|---|
4507458 |
Security Update | Yes |
4507460 |
Security Update | Yes |
4507449 (Monthly Rollup) 4507456 |
Monthly Rollup | Yes |
4507448 (Monthly Rollup) 4507457 (Security Only) 4507448 |
Monthly Rollup | Yes |
4507448 (Monthly Rollup) 4507448 |
Monthly Rollup | Yes |
4507462 (Monthly Rollup) 4507464 |
Monthly Rollup | Yes |
Known Exploits
No known exploits have been linked for this CVE yet. When available, exploit references will be sourced from public repositories and may be unverified, incomplete, or non-functional. Always review code carefully before use in any environment.
Acknowledgments
Jakub Pałaczyński, Michal Bazyli
References
On This Page