privilege escalations

Winsage
February 24, 2026
In February, Microsoft released a firmware update for the Surface Pro (11th Gen) that focuses on connectivity and device reliability. Key improvements include security enhancements that address vulnerabilities, a fix for cellular connectivity issues that interrupted VPN usage, consistent cellular settings, improved video conferencing during Microsoft Teams calls, resolved compatibility issues with Surface Dock 2, and a fix for Dolby Vision video playback errors. Additionally, Microsoft is collaborating with Ericsson to enhance 5G connectivity for Surface Pro users, including features such as automatic eSIM switching and remote policy management. Future 5G bundles will include Microsoft 365, Intune, and Ericsson Enterprise 5G Connect, available with Surface Copilot+ PCs.
Winsage
December 4, 2024
A proof-of-concept (PoC) exploit has been released for a critical zero-day vulnerability in the Windows Task Scheduler, designated as CVE-2024-49039, which has a high CVSS score of 8.8. This privilege escalation flaw allows attackers to execute arbitrary code on affected systems with potential for zero-click exploitation. The exploitation of this vulnerability has been traced back to the Russia-aligned threat actor RomCom. Between October 10 and November 4, 2024, potential victims were mainly in Europe and North America, with some regions having up to 250 affected targets. The PoC exploit, available on GitHub, targets the WPTaskScheduler.dll component and demonstrates the ability to bypass restricted token sandboxes. Microsoft has released a patch for CVE-2024-49039, modifying the RPC Interface Security in WPTaskScheduler.dll to require at least Medium Integrity for access. Security experts recommend that Windows users and administrators apply the latest updates and adopt defense-in-depth strategies.