Threat Advisory

High-Risk Windows 10 Vulnerability Exploitable for Privilege Escalation

Threat: Vulnerability

Targeted Region: Global

Targeted Sector: Technology & IT

Criticality: High

[subscribe_to_unlock_form]

EXECUTIVE SUMMARY

A significant vulnerability, identified as CVE-2024-26238, has been discovered in Windows 10 versions 21H2 and 22H2, affecting the PLUGScheduler component within the Reusable UX Integration Manager (RUXIM) utilized by Windows Update. This vulnerability allows attackers to gain elevated privileges by exploiting the PLUGScheduler.exe binary, which performs file operations with SYSTEM privileges in a directory where standard users have partial control. By leveraging this flaw, attackers can achieve arbitrary file write access with SYSTEM privileges, posing a severe risk of system compromise. Microsoft has released a patch, to address this vulnerability, emphasizing the critical importance for Windows 10 users and administrators to promptly apply the update. This vulnerability underscores the necessity of maintaining up-to-date systems with the latest security patches to mitigate the risk of exploitation by malicious actors.[/subscribe_to_unlock_form]

EXECUTIVE SUMMARY

A significant vulnerability, identified as CVE-2024-26238, has been discovered in Windows 10 versions 21H2 and 22H2, affecting the PLUGScheduler component within the Reusable UX Integration Manager (RUXIM) utilized by Windows Update. This vulnerability allows attackers to gain elevated privileges by exploiting the PLUGScheduler.exe binary, which performs file operations with SYSTEM privileges in a directory where standard users have partial control. By leveraging this flaw, attackers can achieve arbitrary file write access with SYSTEM privileges, posing a severe risk of system compromise. Microsoft has released a patch, to address this vulnerability, emphasizing the critical importance for Windows 10 users and administrators to promptly apply the update. This vulnerability underscores the necessity of maintaining up-to-date systems with the latest security patches to mitigate the risk of exploitation by malicious actors.[emaillocker id="1283"]

RECOMMENDATION:

We strongly recommend applying an update for Windows 10 PLUGScheduler Vulnerability.

Download here: https://support.microsoft.com/en-au/topic/may-14-2024-kb5037768-os-builds-19044-4412-and-19045-4412-cb676101-1641-4a6c-b512-8b277606c6e3

REFERENCES:

The following reports contain further technical details:

https://cybersecuritynews.com/windows-10-plugscheduler-flaw/

[/emaillocker]

Recent Advisories

Cisco Prime Infrastructure Information Disclosure Vulnerability

May 11, 2026

Apache Wicket has Path Traversal, Session Hijacking, and Resource Bypass vulnerabilities

May 11, 2026

Rucio Vulnerabilities Expose Arbitrary Database Query Gaps

May 8, 2026

Nginx-UI Backup Restore Vulnerability Exposes Code Injection

May 8, 2026