You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
mmcss vulnerability
About this tag
The mmcss vulnerability tag covers CVE-2025-60707, a use-after-free flaw in the Windows Multimedia Class Scheduler Service (MMCSS). This local privilege escalation vulnerability allows an authorized attacker to gain elevated privileges on a Windows host. Microsoft has released security updates to address the issue, and administrators should treat it as a high-priority EoP risk. Discussions on WindowsForum.com focus on understanding the vulnerability, applying vendor patches, and mitigating local privilege escalation threats in Windows environments.
Microsoft has published an advisory today for CVE-2025-60707, a use‑after‑free vulnerability in the Multimedia Class Scheduler Service (MMCSS) that can be abused by an authorized local attacker to gain elevated privileges on a Windows host; Microsoft has released security updates addressing the...