Windows LUAFV Privilege Elevation Vulnerability

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.0

Windows LUAFV Privilege Elevation Vulnerability

CVE-2026-27929

Summary

An attacker can take control of your computer while you're using certain Windows features, potentially gaining access to sensitive information or making unauthorized changes. This is a serious issue, especially for organizations that rely on Windows features like User Account Control (UAC) to manage user permissions. To protect your system, make sure to keep your Windows operating system and all software up to date with the latest security patches.

Original title

Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally.

Original description

Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.0

Vulnerability type

CWE-367

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27929

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026