It affects all supported versions of Windows and can allow an attacker with limited access to a device to easily elevate their privileges in order to spread across the network.
BleepingComputer has tested the exploit on Windows and was able to use it to open a command prompt with SYSTEM privileges from an account that only had “Standard” privileges.It was tested on Windows 10 21H1 build 19043.1348.
We expect that Microsoft will attempt to patch this exploit in a future Patch Tuesday updateNaceri says that the best workaround is to wait for Microsoft to release a security patch for the different Windows versions affected
XDA » News Brief » Zero-day affecting Windows 10, Windows 11, and Windows Server lets anyone gain administrator privileges