Updated details indicate a concurrency flaw in the Windows Win32K graphics subsystem’s GRFX component that permits an attacker with local administrative rights to execute code at higher privilege levels. Exact mechanisms such as integer overflow or use‑after‑free conditions were not provided in the new description, so the precise technical details are unavailable. Nevertheless, the vulnerability remains an elevation‑of‑privilege issue that could enable unauthorized access, malware installation, or persistence.

The vulnerability affects a broad range of Microsoft Windows operating systems, including Windows 10 (v1607, v1809, v21H2, v22H2), Windows 11 (v23H2, v24H2, v25H2, v26H1), and multiple Windows Server releases (Server 2012, Server 2012 R2, Server 2016, Server 2019, Server 2022, Server 2025, and Server 23H2). Updated CPE identifiers confirm impact across both 32‑bit and 64‑bit architectures as well as ARM64 configurations where applicable.

The CVSS score of 7.8 indicates a high severity for a local privilege escalation scenario. The EPSS score < 1% suggests a low likelihood of exploitation in the wild, and the vulnerability is not listed in CISA’s KEV catalog, implying no publicly known exploits. However, the local attack requirements mean that users with legitimate access could pose a moderate to high risk if the vulnerability is present. The likely attack vector is an authorized local user executing crafted input that exploits the GRFX race condition; remote exploitation is not possible.