Use After Free Vulnerability in Windows Shell by Microsoft
CVE-2025-27729
7.8HIGH
Key Information:
- Vendor
- Microsoft
- Status
- Vendor
- CVE Published:
- 8 April 2025
Summary
A use after free vulnerability in Windows Shell could allow an unauthorized attacker to execute arbitrary code on the affected system. This weakness arises from improper memory management, allowing potential exploitation by attackers to gain control over the affected environment. It's crucial for users and administrators to apply patches or mitigations provided by Microsoft to safeguard against potential threats.
Affected Version(s)
Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.5737
Windows 10 Version 22H2 x64-based Systems 10.0.19045.0 < 10.0.19045.5737
Windows 11 version 22H2 ARM64-based Systems 10.0.22621.0 < 10.0.22621.5189
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved