CVE-2021-43237: 
vulnerability analysis and mitigation

Windows Setup Elevation of Privilege Vulnerability (CVE-2021-43237) is a security flaw discovered in Microsoft Windows systems. The vulnerability was disclosed in December 2021 and affects various versions of Windows 10 and Windows Server installations (NVD).

The vulnerability exists within Windows Update Assistant and allows local attackers to escalate privileges on affected installations of Microsoft Windows. The specific flaw enables attackers to abuse Windows Update Assistant to change the DACL on an arbitrary file by creating a directory junction. The vulnerability has a CVSS v3.1 base score of 7.3 (High) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H (ZDI, NVD).

An attacker who successfully exploits this vulnerability can leverage it to escalate privileges and execute code in the context of SYSTEM. The attack requires the attacker to first obtain the ability to execute low-privileged code on the target system (ZDI).

Microsoft has issued security updates to address this vulnerability. Users should apply the appropriate patches available through the Microsoft Security Update Guide (Microsoft Advisory).