Description
Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally.
Published: 2026-06-09
Score: 7.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability arises from improper access control in Windows Administrator Protection, enabling an authorized attacker to circumvent a critical security feature on the host. The weakness, identified as CWE-284, permits the attacker to execute actions that would normally be restricted, effectively elevating their privileges within the local environment. By bypassing this protection, the attacker can gain unchecked access to system resources and potentially compromise confidential data or system integrity.

Affected Systems

Affected are Microsoft Windows 11 Version 24H2, Version 25H2, and Version 26H1. These releases are listed as vulnerable in the official Microsoft advisory, and the issue has been documented for ARM64 and x64 architectures. No additional versions have been enumerated as impacted.

Risk and Exploitability

The CVSS score of 7.8 marks this vulnerability as high severity, indicating significant potential damage if exploited. The Exploit Prediction Scoring System (EPSS) score is not available, so the likelihood of exploitation remains uncertain, and the vulnerability is not yet catalogued in CISA's KEV. The attack is local and requires that the attacker already have authorized access to the system; once that baseline is met, they can bypass the feature without further escalation. Vigilance is advised, especially for systems that rely heavily on Administrator Protection for hardening.

Generated by OpenCVE AI on June 9, 2026 at 19:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check for and install the latest Windows 11 security updates that address this issue, ensuring they include the fix for the Administrator Protection feature.
  • Upgrade to a newer Windows 11 release that incorporates the update if available.
  • Verify that all privileged accounts are subject to strict access-control policies, limiting their use of Windows Administrator Protection and regularly auditing permissions for any unauthorized changes.



Advisories

No advisories yet.

History

Tue, 09 Jun 2026 20:15:00 +0000

Type Values Removed Values Added
First Time appeared: Microsoft windows 11 24h2; Microsoft windows 11 25h2; Microsoft windows 11 26h1
Vendors & Products: Microsoft windows 11 24h2; Microsoft windows 11 25h2; Microsoft windows 11 26h1

Tue, 09 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description: Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally.
Title: Windows Administrator Protection Secure Feature Bypass Vulnerability
First Time appeared: Microsoft; Microsoft windows 11 24h2; Microsoft windows 11 25h2; Microsoft windows 11 26h1
Weaknesses: CWE-284
CPEs:
  • cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*
  • cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*
  • cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*
Vendors & Products: Microsoft; Microsoft windows 11 24h2; Microsoft windows 11 25h2; Microsoft windows 11 26h1
References
Metrics: cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}


MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-06-09T21:50:34.471Z

Reserved: 2026-04-30T14:51:12.703Z

Link: CVE-2026-42829

Vulnrichment

No data.

NVD

Status: Awaiting Analysis

Published: 2026-06-09T17:17:09.010

Modified: 2026-06-09T19:32:51.440

Link: CVE-2026-42829

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-09T20:00:17Z

Weaknesses