CVE-2021-41334: 
vulnerability analysis and mitigation

Windows Desktop Bridge Elevation of Privilege Vulnerability (CVE-2021-41334) was disclosed on October 12, 2021. The vulnerability affects multiple versions of Microsoft Windows including Windows 10 (versions 20H2, 21H1, 2004), Windows 11 (ARM64 and x64), Windows Server 2016 (versions 20H2, 2004), and Windows Server 2022 (NVD Database).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) by NIST with vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, while Microsoft assessed it with a score of 7.0 (HIGH) with vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H. The vulnerability is classified under CWE-269 (Improper Privilege Management) (NVD Database).

This elevation of privilege vulnerability in Windows Desktop Bridge could allow an attacker to gain higher privileges on affected systems. The vulnerability received a high severity rating due to its potential impact on confidentiality, integrity, and availability of the affected systems (NVD Database).

Microsoft has released security patches to address this vulnerability. Users are advised to apply the available security updates through the Microsoft Update mechanism (Microsoft Advisory).