Critical Windows Error Reporting Vulnerability Allows SYSTEM Access via Privilege Escalation

Critical Windows Error Reporting Vulnerability Allows SYSTEM Access via Privilege Escalation

First seen 27 Mar 2026, 07:45 UTC GbhackersCybersecuritynews 93% similarity 72.6

Article Content

Browse articles
ThreatCluster

A local privilege escalation vulnerability in the Windows Error Reporting (WER) service, tracked as CVE-2026-20817, has been identified, allowing attackers to gain full SYSTEM access. This flaw enables local users with standard rights to escalate their privileges through improper permission handling. Due to the severity of the vulnerability, Microsoft has opted to completely remove the affected feature instead of issuing a traditional patch. The vulnerability was published on January 13, 2026, and the first proof of concept (PoC) was released on February 18, 2026. This poses a significant risk to systems running affected versions of Windows. Organizations are urged to assess their systems for exposure to this vulnerability.

Key Points: • CVE-2026-20817 allows local privilege escalation to SYSTEM access. • Microsoft removed the vulnerable feature entirely due to its severity. • The vulnerability was first publicly disclosed on January 13, 2026.

ThreatCluster AI

Timeline

2026-01-13
CVE-2026-20817 published
2026-02-18
First public PoC released
2026-03-27
Microsoft removes the vulnerable feature

Community

Browse all →