Windows Installer Privilege Elevation Vulnerability

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Windows Installer Privilege Elevation Vulnerability

CVE-2026-27910

Summary

A flaw in Windows Installer allows a malicious user to gain higher privileges on the local machine, potentially allowing them to access sensitive data or make unauthorized changes. This could happen on systems where users have more privileges than they should, such as in a shared computer environment. Affected systems should be patched or updated to prevent exploitation.

Original title

Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally.

Original description

Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-280

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27910

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026