🟠 High | Source: Microsoft Security Response Center
A race condition vulnerability in the Windows App Package Installer (AppX Installer) allows a locally authenticated attacker to elevate their privileges on the affected system. Race conditions of this type exploit timing gaps between security checks and resource access, making them tricky to detect. This is particularly relevant in cloud environments where Windows virtual machines or Azure Virtual Desktop deployments may be exposed to multi-user or shared workloads.
Security Architect’s Take: Prioritise patching Windows endpoints and Azure-hosted Windows VMs promptly, particularly those running multi-user environments such as Azure Virtual Desktop or Windows 365, where a low-privileged user gaining elevated access poses significant lateral movement risk. Review and restrict AppX Installer permissions via Group Policy or Intune where installation by standard users is not a business requirement.
Original advisory: CVE-2026-48572 Windows App Package Installer Elevation of Privilege Vulnerability