🟠 High | Source: Microsoft Security Response Center
CVE-2026-42982 is a privilege escalation vulnerability in Windows Secure Kernel Mode, a security-critical component that underpins Windows virtualisation-based security (VBS). An attacker who already has local access can exploit improper input validation to gain elevated privileges on the affected system. This is particularly concerning in cloud environments where shared or multi-tenant Windows infrastructure could allow a compromised account to escalate beyond its intended permissions.
Security Architect’s Take: Prioritise patching all Windows-based Azure VMs, Azure Virtual Desktop hosts, and any Windows Server workloads running in your cloud estate — particularly those exposed to multiple users or running with VBS/Credential Guard enabled. Review your Just-In-Time VM access policies and ensure local administrator rights are restricted to reduce the likelihood of an attacker already holding the foothold required to exploit this.
Original advisory: CVE-2026-42982 Windows Secure Kernel Mode Elevation of Privilege Vulnerability