Microsoft Windows User Profile Service cve-2019-0986 Local privilege promotion vulnerability

Summary

Microsoft Windows User Profile Service cve-2019-0986 Local has a privilege promotion vulnerability, which can be used by authenticated remote non-privileged attackers to perform privileged operations in the Web management interface.

Solution

At present, the manufacturer has issued an update patch to fix the vulnerability, and the patch gets the link:

https://portal.msrc.microsoft.com/en-us/security-guidance