Windows Server Update Service Privilege Elevation Vulnerability

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.0

Windows Server Update Service Privilege Elevation Vulnerability

CVE-2026-32224

Summary

A flaw in the Windows Server Update Service allows an attacker with authorized access to gain higher-level access to the system. This could allow them to perform actions they shouldn't be able to do. Update your Windows Server Update Service to the latest version to fix this issue.

Original title

Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.

Original description

Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.0

Vulnerability type

CWE-416 Use After Free

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32224

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026