#Windows Update Stack

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**How do I protect myself from this vulnerability?** The vulnerability pertains to a previous installer version which has been superseded by the new WinRE installer. Since the vulnerability is only exploitable at the install time, users need to take no action to be protected from this vulnerability. See the linked Article in the Security Updates table about the update for your particular Windows version.

**According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?** The attacker must have permissions to access the target's System directory to plant the malicious folder that would be used as part of the exploitation.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could overwrite arbitrary file content in the security context of the local system.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**Why is Attack Complexity marked as High for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

**Why is Attack Complexity marked as High for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.