system privileges

Improper link resolution before file access, often referred to as "link following," represents a recurring and serious class of vulnerabilities in modern software, and with the disclosure of CVE-2025-49738 in Microsoft PC Manager, this long-standing issue has found a new foothold in a widely...

Here's a detailed explanation about CVE-2025-49660, a Windows Event Tracing Elevation of Privilege Vulnerability, based on available technical context and similar use-after-free vulnerabilities in the Windows Event Tracing or logging subsystems: Technical Details and Analysis Vulnerability...

Improper input validation remains a persistent and dangerous security concern even among well-established applications, and the recent CVE-2025-47968 affecting Microsoft AutoUpdate (MAU) underscores the ongoing risks faced by both enterprise and personal users. Microsoft AutoUpdate, responsible...

Windows Installer, a core component of the Microsoft Windows ecosystem, has once again come under scrutiny due to the disclosure of a new vulnerability, tracked as CVE-2025-33075. This security flaw, caught by Microsoft and detailed publicly in their security update guide, centers around...

A vulnerability or two has been discovered in a range of Norton products: Google security researcher Tavis Ormandy has uncovered critical vulnerabilities in a range of Symantec and Norton Antivirus products, which could be exploited by malicious hackers to launch attacks. Here's the skinny...

I have a Windows XP system that I still use off-line for a few tasks. I am the only user of it and my account is listed in Windows as an 'Administrator'. However, when I try to load programs onto it, I get a Windows error message: "The installer has insufficient privileges to access the...

Original release date: July 14, 2015 | Last revised: July 15, 2015 Systems Affected Microsoft Windows systems with Adobe Flash Player installed. Overview Used in conjunction, recently disclosed vulnerabilities in Adobe Flash and Microsoft Windows may allow a remote attacker to execute...

Severity Rating: Important Revision Note: V2.0 (March 13, 2012): Revised bulletin to announce a detection change that removes MS10-029 as the replaced bulletin for all supported editions of Windows Vista and Windows Server 2008. For more information, see the related entry in the...

This is possible the lamest question to ask, so late in the OS game, but I can't seem to find anything on it anywhere (probably just don't know how to google for it!). I run Windows 7, and of course have the normal Administrator account that one creates when installing. I wan't to create a...