Abusing the Windows Update Stack to Gain SYSTEM Access (CVE-2025-21204)
CVE-2025-21204 is a local privilege escalation flaw in the Windows Update Stack. By abusing directory junctions or symbolic links, attackers can hijack trusted paths accessed by SYSTEM-level processes like
MoUsoCoreWorker.exeand execute arbitrary code with elevated privileges. A patch is available as of April 2025. Abusing the Windows Update Stack to Gain SYSTEM Access (CVE-2025-21204)
