🟠 High | Source: Microsoft Security Response Center
A race condition vulnerability in the Windows Backup Service allows a locally authenticated attacker to gain elevated privileges on affected systems. The flaw arises from improper synchronisation when multiple processes access a shared resource concurrently. While local access is required, successful exploitation could grant an attacker SYSTEM-level privileges, making it a useful component in a broader attack chain.
Security Architect’s Take: Prioritise patching Windows endpoints and Azure VMs running affected Windows versions, particularly those exposed to multiple users or running workloads with lower-privileged accounts. Review your VM patching cadence in Azure Update Manager and ensure backup service exposure is minimised through least-privilege configurations.
Original advisory: CVE-2026-58598 Windows Backup Service Elevation of Privilege Vulnerability