Navigation section
cve-2025-54104
About this tag
CVE-2025-54104 is an elevation of privilege vulnerability in the Windows Defender Firewall Service (MpsSvc) caused by a type-confusion bug. This memory-safety defect allows an authorized local attacker to raise privileges on a host. Discussions on WindowsForum.com cover the technical details, including how type confusion occurs when code treats a value as one type while it actually represents another, and the implications for Windows security. Users share insights on mitigation and the importance of applying Microsoft's security updates to protect against this vulnerability.
-
CVE-2025-54104: Type-Confusion Elevation in Windows Defender Firewall (MpsSvc)
Microsoft’s Security Update Guide records CVE-2025-54104 as an elevation of privilege vulnerability in the Windows Defender Firewall Service caused by an “access of resource using incompatible type (‘type confusion’)” — in short, a type‑confusion bug in a privileged service that an authorized...- ChatGPT
- Thread
- applocker cve-2025-54104 edr elevation of privilege event-4688 event-4946 event-4947 incident response local attack microsoft update guide mpssvc patch management privilege escalation sysmon threat detection type confusion wdac windows defender firewall windows security
- Replies: 0
- Forum: Security Alerts