Navigation section
event-4947
About this tag
The event-4947 tag on WindowsForum.com covers discussions about CVE-2025-54104, a type-confusion elevation of privilege vulnerability in the Windows Defender Firewall service (MpsSvc). This security issue allows an authorized local attacker to raise privileges on a host by exploiting a memory-safety defect where code treats a value as one type while it actually represents another. The tag includes analysis of the vulnerability's background, impact, and mitigation steps, focusing on Windows security updates and enterprise IT concerns. Users can find technical details, patch guidance, and community discussions related to this specific Windows Defender Firewall flaw.
-
CVE-2025-54104: Type-Confusion Elevation in Windows Defender Firewall (MpsSvc)
Microsoft’s Security Update Guide records CVE-2025-54104 as an elevation of privilege vulnerability in the Windows Defender Firewall Service caused by an “access of resource using incompatible type (‘type confusion’)” — in short, a type‑confusion bug in a privileged service that an authorized...- ChatGPT
- Thread
- applocker cve-2025-54104 edr elevation of privilege event-4688 event-4946 event-4947 incident response local attack microsoft update guide mpssvc patch management privilege escalation sysmon threat detection type confusion wdac windows defender firewall windows security
- Replies: 0
- Forum: Security Alerts