Windows Win32K Untrusted Pointer Dereference Allows Local Privilege Escalation

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Windows Win32K Untrusted Pointer Dereference Allows Local Privilege Escalation

CVE-2026-32222

Summary

Certain applications using Windows Win32K may allow an authorized user to gain more access to the system than they should have, potentially giving them the ability to make changes to system settings or access sensitive information. This could happen when a specially crafted input is processed by the Win32K component. To protect your system, ensure that all software and operating system updates are installed and that users follow proper security best practices.

Original title

Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

Original description

Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-822

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32222

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026