Race Condition Vulnerability in Windows App Installer by Microsoft
CVE-2026-48572
7HIGH
Key Information:
- Vendor
Microsoft
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2026-48572?
A race condition vulnerability exists in Windows App Installer that allows an authorized attacker to manipulate concurrently executed processes using a shared resource. This flaw can be exploited to elevate privileges locally, potentially enabling access to unauthorized functions or data. Prompt action is recommended to mitigate this issue.
Affected Version(s)
Windows 11 version 23H2 ARM64-based Systems 10.0.22631.0 < 10.0.22631.7376
Windows 11 Version 23H2 x64-based Systems 10.0.22631.0 < 10.0.22631.7376
Windows 11 Version 24H2 ARM64-based Systems 10.0.26100.0 < 10.0.26100.8875