You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
projfs
About this tag
The Windows Projected File System (ProjFS) is a kernel-adjacent component that has been the subject of multiple elevation-of-privilege vulnerabilities disclosed by Microsoft, including CVE-2026-42828, CVE-2026-24290, CVE-2025-62464, and CVE-2025-55233. These local privilege escalation flaws, often rated High severity with CVSS scores around 7.8, allow an attacker with existing access to gain higher privileges on affected Windows systems. Discussions on WindowsForum.com cover patch guidance, CVSS scoring, MSRC confidence signals, and mitigation strategies for administrators. The tag projfs is relevant for IT professionals tracking security updates and kernel-level risks in Windows environments.
Microsoft has disclosed CVE-2026-42828, an elevation-of-privilege vulnerability in the Windows Projected File System, as part of its June 2026 security guidance for Windows systems, with the practical risk centered on local attackers who already have some access and are trying to turn that...
Microsoft’s Security Response Center (MSRC) has recorded CVE-2026-24290 as an Elevation of Privilege vulnerability affecting the Windows Projected File System (ProjFS). The vendor’s entry is concise: the issue is a local, kernel-facing privilege-escalation weakness tied to the ProjFS subsystem...
Microsoft has published a new high‑severity local Elevation‑of‑Privilege advisory: CVE‑2025‑62464, a buffer over‑read in the Windows Projected File System (ProjFS) that can allow an authorized local attacker to escalate to higher privileges on affected hosts. Public trackers assign a CVSS v3.1...
Microsoft’s December 9 Patch Tuesday closed out the year with another kernel-area elevation‑of‑privilege that targets the Windows Projected File System (ProjFS): CVE‑2025‑55233 is an out‑of‑bounds read in ProjFS that Microsoft has recorded in its Security Update Guide and which third‑party...
A Microsoft-tracked report identified as CVE-2025-62461 has been linked in some discussion threads to a Windows “Projected File System” (ProjFS) elevation-of-privilege issue, but exhaustive checks of vendor feeds and public vulnerability trackers show no authoritative technical advisory or KB...