October 2025 Windows Updates brought a fix for CVE-2025-55681, a local privilege escalation vulnerability in Windows Desktop Manager that allowed a low-privileged attacker to execute malicious code as Local System. The vulnerability was subsequently described in detail by SSD Secure Disclosure, allowing us to reproduce it and create a patch for legacy Windows systems.
The Vulnerability
The vulnerability is a memory corruption issue, caused by accessing an allocated memory block out of bounds.
Microsoft's Patch
Microsoft's patch added an out-of-bounds check to the code, which terminates the process in case of violation. This effectively turned the local privilege escalation vulnerability into a denial of service vulnerability, but the assumption is that terminating the Desktop Window Manager on a computer does not benefit the local attacker.
Our Patch
Our patch is logically identical to Microsoft's.
Micropatch Availability
Micropatches were written for the following security-adopted Windows versions:
- Windows 11 v21H2 - fully updated
- Windows 10 v21H2 - fully updated
- Windows 10 v21H1 - fully updated
- Windows 10 v20H2 - fully updated
- Windows 10 v2004 - fully updated
- Windows 10 v1909 - fully updated
We could not reproduce the issue on any 32-bit Windows machine, nor on Windows 10 v1903 or 1809.
Micropatches have already been distributed to, and applied on, all affected online computers with 0patch Agent in PRO or Enterprise accounts (unless Enterprise group settings prevented that).
Vulnerabilities like these get discovered on a regular basis, and attackers know about them all. If you're using Windows versions that aren't receiving official security updates anymore, 0patch will make sure these vulnerabilities won't be exploited on your computers - and you won't even have to know or care about these things.
We'd like to thank SSD Secure Disclosure for discovering this vulnerability and publishing their analysis, which allowed us to create a patch and protect 0patch users against this issue.
If you're new to 0patch, create a free account in 0patch Central, start a free trial, then install and register 0patch Agent. Everything else will happen automatically. No computer reboot will be needed.
Did you know 0patch security-adopted Windows 10 and Office 2016 and 2019 when they went out of support this month, allowing you to keep using them for at least 3 more years (5 years for Windows 10)? Read more about it here and here.
To learn more about 0patch, please visit our Help Center.